[Secure-testing-commits] r32346 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Feb 19 12:23:02 UTC 2015
Author: carnil
Date: 2015-02-19 12:23:02 +0000 (Thu, 19 Feb 2015)
New Revision: 32346
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2015-1164
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-19 11:22:06 UTC (rev 32345)
+++ data/CVE/list 2015-02-19 12:23:02 UTC (rev 32346)
@@ -2476,7 +2476,7 @@
RESERVED
- jenkins 1.565.3-3 (bug #769682)
CVE-2015-1164 (Open redirect vulnerability in the serve-static plugin before 1.7.2 ...)
- - node-serve-static <unfixed> (unimportant; bug #775843)
+ - node-serve-static 1.6.4-2 (unimportant; bug #775843)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-open-redirect
NOTE: https://github.com/expressjs/serve-static/issues/26
More information about the Secure-testing-commits
mailing list