[Secure-testing-commits] r32279 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 17 12:34:46 UTC 2015
Author: carnil
Date: 2015-02-17 12:34:46 +0000 (Tue, 17 Feb 2015)
New Revision: 32279
Modified:
data/CVE/list
Log:
dd novnc issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-17 10:22:24 UTC (rev 32278)
+++ data/CVE/list 2015-02-17 12:34:46 UTC (rev 32279)
@@ -1,5 +1,9 @@
CVE-2015-XXXX [Vulnerabilities in nanohttp]
- libcsoap <unfixed> (bug #778599)
+CVE-2013-XXXX [session hijack through insecurely set session token cookies]
+ - novnc <unfixed>
+ NOTE: https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/17/1
CVE-2014-9682
NOT-FOR-US: node-dns-sync
CVE-2014-XXXX [more to CVE-2014-6585]
More information about the Secure-testing-commits
mailing list