Bug#879732: CVE-2017-15874 / CVE-2017-15873

To: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Cc: team@security.debian.org, 879732@bugs.debian.org
Subject: Bug#879732: CVE-2017-15874 / CVE-2017-15873
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 25 Oct 2017 19:49:30 +0200
Message-id: <[🔎] 20171025174930.GA6831@inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 879732@bugs.debian.org
In-reply-to: <[🔎] 1508951267@msgid.manchmal.in-ulm.de>
References: <[🔎] 150891435434.22080.3510739872749561639.reportbug@hullmann.westfalen.local> <[🔎] 1508951267@msgid.manchmal.in-ulm.de> <[🔎] 150891435434.22080.3510739872749561639.reportbug@hullmann.westfalen.local>

On Wed, Oct 25, 2017 at 07:27:42PM +0200, Christoph Biedl wrote:
> Tags: upstream confirmed
> 
> Moritz Muehlenhoff wrote...
> 
> > Hi,
> > please see:
> 
> Thanks for the heads-up, we'll try to get this fixed as soon as
> possible. For the moment, I'm somewhat confused about the affected
> distributions as listed in the security tracker. Could you please check?

That's not surprising :-)

By default all older releases are marked as affected (unless specific
suites are updated to reflect that they are not vulnerable).

Cheers,
        Moritz

Reply to:

References:
- Bug#879732: CVE-2017-15874 / CVE-2017-15873
  - From: Moritz Muehlenhoff <jmm@debian.org>
- Bug#879732: CVE-2017-15874 / CVE-2017-15873
  - From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

Prev by Date: Bug#879732: CVE-2017-15874 / CVE-2017-15873
Next by Date: Re: debian-installer: call to update translations - Bosnian
Previous by thread: Bug#879732: CVE-2017-15874 / CVE-2017-15873
Next by thread: Bug#879755: debootstrap fails with current sid without apt-transport-https and https URLs
Index(es):
- Date
- Thread