Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker
Commits: 530ee747 by Antoine Beaupré at 2018-03-29T17:26:56-04:00 Reserve DLA-1329-1 for memcached - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/DLA/list ===================================== --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[29 Mar 2018] DLA-1329-1 memcached - security update + {CVE-2018-1000127} + [wheezy] - memcached 1.4.13-0.2+deb7u4 [29 Mar 2018] DLA-1328-1 xerces-c - security update {CVE-2017-12627} [wheezy] - xerces-c 3.1.1-3+deb7u5 ===================================== data/dla-needed.txt ===================================== --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -93,14 +93,6 @@ libvorbis -- linux -- -memcached (anarcat) - NOTE: The Wheezy version supports the ascii protocol but the specific - NOTE: make_ascii_get_suffix function for the fix does not exist. Without a - NOTE: reproducer I cannot decide whether this version is vulnerable or not. - NOTE: -- Markus Koschany 2018-03-23 22:56:23 +0100 - NOTE: reproducer in http://www.openwall.com/lists/oss-security/2018/03/08/7 - NOTE: -- anarcat Thu Mar 29 16:30:36 EDT 2018 --- mercurial (anarcat) NOTE: 20180315: The patch to CVE-2016-1000116 added in 2.2.2-4+deb7u5 makes NOTE: 20180315: the testsuite fail nondeterminstically. You will need to apply View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/530ee747f5039fa785367c80a8f91923111b0cf2 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/530ee747f5039fa785367c80a8f91923111b0cf2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits