Santiago R.R. pushed to branch master at Debian Security Tracker / 

0241ef43 by Santiago R.R at 2018-02-20T00:09:49+01:00
CVE-2018-6794/suricata: add note about wheezy

Signed-off-by: Santiago R.R <>

- - - - -

1 changed file:

- data/dla-needed.txt


--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -77,10 +77,8 @@ opencv (Thorsten Alteholz)
 openjdk-7 (Emilio Pozuelo)
 suricata (Santiago R.R.)
-  NOTE: Hard to tell whether the package is vulnerable. DetectFlow in detect.c
-  NOTE: does not exist. Code seems to be in SigMatchSignatures instead.
-  NOTE: StreamTcpInlineDropInvalid function does not exist at all. Perhaps 
-  NOTE: upstream and ask for a clarification?
+  NOTE: Confirmed to be vulnerable.
+  NOTE: Follow security-team and tag it no-dsa?
   NOTE: 20180217: Upstream unsure how to fix at the moment (lamby)

View it on GitLab:

View it on GitLab:
You're receiving this email because of your account on
Secure-testing-commits mailing list

Reply via email to