Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
454a1ce3 by Salvatore Bonaccorso at 2018-09-16T09:43:45Z
Mark CVE-2018-17076/gpp as no-dsa
Rationale: not sure it might be used e.g. in a service processing LaTeX
documents in a webservice. If it is purely used as CLI tool, this would
be unimportant severity. Still disputable how to mark it correctly.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10,6 +10,7 @@ CVE-2018-17077 (An issue was discovered in yiqicms through
2016-11-20. There is
NOT-FOR-US: yiqicms
CVE-2018-17076 (GPP through 2.25 will try to use more memory space than is
available on ...)
- gpp <unfixed>
+ [stretch] - gpp <no-dsa> (Minor issue)
NOTE: https://github.com/logological/gpp/issues/26
CVE-2018-17075 (The html package (aka x/net/html) before 2018-07-13 in Go
mishandles ...)
TODO: check
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/454a1ce33e2e5f15f2e6dc79cb98018d42488d53
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/454a1ce33e2e5f15f2e6dc79cb98018d42488d53
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
