diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-29 07:20:18 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-29 07:20:18 +0000 |
commit | 2b3fabba72d43f66350f9a808aa86f6703f833e9 (patch) | |
tree | 9e978cfe82a4487f10e61d285b11bd9b2e6f5ffd | |
parent | 766695696c102a6c67856de4d43e3d1bee2b475c (diff) |
Asked MITRE (and confirmed) for rejection of CVE-2017-17496
CVE is invalid, since the respective functions having the problems are
just in dead code and unused. There is no vulnerability. The CVE is
withdrawn by MITRE itself.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@59010 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/2017.list | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 63cd6f730c..81e204245f 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -1365,8 +1365,8 @@ CVE-2017-17497 (In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c al - tidy-html5 <not-affected> (Vulnerable code introduced after 5.6.0) - tidy <not-affected> (Vulnerable code not present) NOTE: https://github.com/htacg/tidy-html5/issues/656 -CVE-2017-17496 (The socket_create function in socket.c in idevicerestore through ...) - TODO: check +CVE-2017-17496 + REJECTED CVE-2017-17495 RESERVED CVE-2017-17494 |