Inguza Technology AB

technology, analysis and solutions

Debian Long Term Support work 2016 September

This is the second month being part of the Debian Long Term Support team.

The following contributions were made:

  • Correction of phpmyadmin (DLA-626-1). 25 CVE were checked and solved or concluded as unimportant.
  • Concluded that libical CVE-2016-5823 is not severe enough to solve. It is a free of non-malloced area and that means a possible DOS attack. I do not think this is severe enough for wheezy where this is mainly used in client software.
  • Security tracker data update:
    • A few CVEs for openjdk-6 was marked with "end-of-life" tag.