[Secure-testing-commits] r26386 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Apr 1 08:56:37 UTC 2014
Author: carnil
Date: 2014-04-01 08:56:37 +0000 (Tue, 01 Apr 2014)
New Revision: 26386
Modified:
data/CVE/list
Log:
Add CVE-2013-5705
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-01 08:53:41 UTC (rev 26385)
+++ data/CVE/list 2014-04-01 08:56:37 UTC (rev 26386)
@@ -10272,8 +10272,11 @@
NOT-FOR-US: Coursemill Learning Management System
CVE-2013-5706 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
NOT-FOR-US: Coursemill Learning Management System
-CVE-2013-5705
+CVE-2013-5705 [bypass of intended rules via chunked requests]
RESERVED
+ - modsecurity-apache 2.7.7-1
+ - libapache-mod-security <removed>
+ TODO: check, fixed in 2.7.6
CVE-2013-5704 [bypass of mod_headers rules via chunked requests]
RESERVED
- apache2 <unfixed>
More information about the Secure-testing-commits
mailing list