Author: jmm
Date: 2017-10-02 17:10:49 +0000 (Mon, 02 Oct 2017)
New Revision: 56354
Modified:
data/CVE/list
Log:
stretch no-dsa triage:
tenshi, sipcrack unimportant
python-restkit, libnet-server-perl ignored
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-02 16:59:21 UTC (rev 56353)
+++ data/CVE/list 2017-10-02 17:10:49 UTC (rev 56354)
@@ -8813,10 +8813,10 @@
NOTE: https://github.com/tinyproxy/tinyproxy/issues/106
CVE-2017-11746 (Tenshi 0.15 creates a tenshi.pid file after dropping
privileges to a ...)
{DLA-1069-1}
- - tenshi <unfixed> (bug #871321)
- [stretch] - tenshi <ignored> (Minor issue)
+ - tenshi <unfixed> (unimportant; bug #871321)
NOTE: https://github.com/inversepath/tenshi/issues/6
NOTE:
https://github.com/inversepath/tenshi/commit/d0e7f28c13ffbd5888b31d6532c2faf78f10f176
+ NOTE: Negligable security impact
CVE-2017-11745
RESERVED
CVE-2017-11744 (In MODX Revolution 2.5.7, the "key" and
"name" parameters in the System ...)
@@ -9146,17 +9146,13 @@
CVE-2017-11656
RESERVED
CVE-2017-11655 (A memory leak was found in the way SIPcrack 0.2 handled
processing of ...)
- - sipcrack <unfixed> (bug #869803)
- [stretch] - sipcrack <no-dsa> (Minor issue)
- [jessie] - sipcrack <no-dsa> (Minor issue)
- [wheezy] - sipcrack <no-dsa> (Minor issue)
+ - sipcrack <unfixed> (unimportant; bug #869803)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
+ NOTE: Negligable security impact
CVE-2017-11654 (An out-of-bounds read and write flaw was found in the way
SIPcrack 0.2 ...)
- - sipcrack <unfixed> (bug #869803)
- [stretch] - sipcrack <no-dsa> (Minor issue)
- [jessie] - sipcrack <no-dsa> (Minor issue)
- [wheezy] - sipcrack <no-dsa> (Minor issue)
+ - sipcrack <unfixed> (unimportant; bug #869803)
NOTE: http://www.openwall.com/lists/oss-security/2017/07/26/1
+ NOTE: Negligable security impact
CVE-2017-11653 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions
for the ...)
NOT-FOR-US: Razer Synapse
CVE-2017-11652 (Razer Synapse 2.20.15.1104 and earlier uses weak permissions
for the ...)
@@ -92068,9 +92064,9 @@
NOT-FOR-US: ZeusCart
CVE-2015-2674 (Restkit allows man-in-the-middle attackers to spoof TLS servers
by ...)
- python-restkit <unfixed> (bug #781813)
- [stretch] - python-restkit <no-dsa> (Minor issue)
- [jessie] - python-restkit <no-dsa> (Minor issue)
- [wheezy] - python-restkit <no-dsa> (Minor issue)
+ [stretch] - python-restkit <ignored> (Minor issue)
+ [jessie] - python-restkit <ignored> (Minor issue)
+ [wheezy] - python-restkit <ignored> (Minor issue)
[squeeze] - python-restkit <no-dsa> (Minor issue)
NOTE: https://github.com/benoitc/restkit/issues/140
NOTE: http://www.openwall.com/lists/oss-security/2015/03/12/9
@@ -139016,9 +139012,9 @@
- typo3-src 4.5.19+dfsg1-5 (bug #702574)
CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does
not check ...)
- libnet-server-perl <unfixed> (low; bug #702914)
- [stretch] - libnet-server-perl <no-dsa> (Minor issue)
- [jessie] - libnet-server-perl <no-dsa> (Minor issue)
- [wheezy] - libnet-server-perl <no-dsa> (Minor issue)
+ [stretch] - libnet-server-perl <ignored> (Minor issue)
+ [jessie] - libnet-server-perl <ignored> (Minor issue)
+ [wheezy] - libnet-server-perl <ignored> (Minor issue)
[squeeze] - libnet-server-perl <no-dsa> (Minor issue)
NOTE: https://rt.cpan.org/Ticket/Display.html?id=83909
CVE-2013-1840 (The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2),
and ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
