[Secure-testing-commits] r32409 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Feb 22 12:42:11 UTC 2015
Author: carnil
Date: 2015-02-22 12:42:11 +0000 (Sun, 22 Feb 2015)
New Revision: 32409
Modified:
data/CVE/list
Log:
Update typo3-src CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-22 12:36:39 UTC (rev 32408)
+++ data/CVE/list 2015-02-22 12:42:11 UTC (rev 32409)
@@ -4344,8 +4344,10 @@
CVE-2014-9509 (The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x ...)
- typo3-src <unfixed>
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
+ NOTE: Solution is to remove he configuration options config.prefixLocalAnchors
+ NOTE: (and optionally also config.baseUrl) in favor of config.absRefPrefix
CVE-2014-9508 (The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x ...)
- - typo3-src <unfixed> (bug #775105)
+ - typo3-src 4.5.40+dfsg1-1 (bug #775105)
[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://review.typo3.org/#/c/35222/
NOTE: https://review.typo3.org/gitweb?p=Packages/TYPO3.CMS.git;a=commitdiff;h=63ae7ddd11d284a121f23ce86282e3149bc16f96
More information about the Secure-testing-commits
mailing list