[Secure-testing-commits] r36224 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 20 19:29:21 UTC 2015
Author: carnil
Date: 2015-08-20 19:29:21 +0000 (Thu, 20 Aug 2015)
New Revision: 36224
Modified:
data/CVE/list
Log:
Add temporary items for drupal issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-20 19:19:31 UTC (rev 36223)
+++ data/CVE/list 2015-08-20 19:29:21 UTC (rev 36224)
@@ -1,3 +1,29 @@
+CVE-2015-XXXX [Information Disclosure in Menu Links - Access system]
+ - drupal7 <unfixed>
+ - drupal6 <removed>
+ [squeeze] - drupal6 <end-of-life>
+ NOTE: https://www.drupal.org/SA-CORE-2015-003
+ NOTE: CVE assignments pending
+CVE-2015-XXXX [Cross-site Request Forgery - Form API]
+ - drupal7 <unfixed>
+ - drupal6 <removed>
+ [squeeze] - drupal6 <end-of-life>
+ NOTE: https://www.drupal.org/SA-CORE-2015-003
+ NOTE: CVE assignments pending
+CVE-2015-XXXX [SQL Injection - Database API]
+ - drupal7 <unfixed>
+ NOTE: https://www.drupal.org/SA-CORE-2015-003
+ NOTE: CVE assignments pending
+CVE-2015-XXXX [Cross-site Scripting - Autocomplete system]
+ - drupal7 <unfixed>
+ - drupal6 <removed>
+ [squeeze] - drupal6 <end-of-life>
+ NOTE: https://www.drupal.org/SA-CORE-2015-003
+ NOTE: CVE assignments pending
+CVE-2015-XXXX [Cross-site Scripting - Ajax system]
+ - drupal7 <unfixed>
+ NOTE: https://www.drupal.org/SA-CORE-2015-003
+ NOTE: CVE assignments pending
CVE-2015-XXXX [arbitrary code execution via the _self variable]
- twig 1.20.0-1
NOTE: http://symfony.com/blog/security-release-twig-1-20-0
More information about the Secure-testing-commits
mailing list