[Secure-testing-commits] r21564 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sat Mar 9 22:02:19 UTC 2013
Author: carnil
Date: 2013-03-09 22:02:19 +0000 (Sat, 09 Mar 2013)
New Revision: 21564
Modified:
data/CVE/list
Log:
add item to check if libdancer2-perl (in NEW queue) also affected by Cookie name CRLF injection, see CVE-2012-5572 for libdancer-perl
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-09 15:32:42 UTC (rev 21563)
+++ data/CVE/list 2013-03-09 22:02:19 UTC (rev 21564)
@@ -8149,6 +8149,7 @@
- libdancer-perl <unfixed> (low; bug #694279)
[wheezy] - libdancer-perl <unfixed> (low; bug #694279)
NOTE: https://github.com/PerlDancer/Dancer/issues/859
+ TODO: check if libdancer2-perl also affected?
CVE-2012-5571 (OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not ...)
- keystone 2012.1.1-11 (bug #694433)
CVE-2012-5570
More information about the Secure-testing-commits
mailing list