[Secure-testing-commits] r35376 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Jul 8 21:10:15 UTC 2015
Author: sectracker
Date: 2015-07-08 21:10:15 +0000 (Wed, 08 Jul 2015)
New Revision: 35376
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-08 15:22:51 UTC (rev 35375)
+++ data/CVE/list 2015-07-08 21:10:15 UTC (rev 35376)
@@ -1,3 +1,191 @@
+CVE-2015-5451
+ RESERVED
+CVE-2015-5450
+ RESERVED
+CVE-2015-5449
+ RESERVED
+CVE-2015-5448
+ RESERVED
+CVE-2015-5447
+ RESERVED
+CVE-2015-5446
+ RESERVED
+CVE-2015-5445
+ RESERVED
+CVE-2015-5444
+ RESERVED
+CVE-2015-5443
+ RESERVED
+CVE-2015-5442
+ RESERVED
+CVE-2015-5441
+ RESERVED
+CVE-2015-5440
+ RESERVED
+CVE-2015-5439
+ RESERVED
+CVE-2015-5438
+ RESERVED
+CVE-2015-5437
+ RESERVED
+CVE-2015-5436
+ RESERVED
+CVE-2015-5435
+ RESERVED
+CVE-2015-5434
+ RESERVED
+CVE-2015-5433
+ RESERVED
+CVE-2015-5432
+ RESERVED
+CVE-2015-5431
+ RESERVED
+CVE-2015-5430
+ RESERVED
+CVE-2015-5429
+ RESERVED
+CVE-2015-5428
+ RESERVED
+CVE-2015-5427
+ RESERVED
+CVE-2015-5426
+ RESERVED
+CVE-2015-5425
+ RESERVED
+CVE-2015-5424
+ RESERVED
+CVE-2015-5423
+ RESERVED
+CVE-2015-5422
+ RESERVED
+CVE-2015-5421
+ RESERVED
+CVE-2015-5420
+ RESERVED
+CVE-2015-5419
+ RESERVED
+CVE-2015-5418
+ RESERVED
+CVE-2015-5417
+ RESERVED
+CVE-2015-5416
+ RESERVED
+CVE-2015-5415
+ RESERVED
+CVE-2015-5414
+ RESERVED
+CVE-2015-5413
+ RESERVED
+CVE-2015-5412
+ RESERVED
+CVE-2015-5411
+ RESERVED
+CVE-2015-5410
+ RESERVED
+CVE-2015-5409
+ RESERVED
+CVE-2015-5408
+ RESERVED
+CVE-2015-5407
+ RESERVED
+CVE-2015-5406
+ RESERVED
+CVE-2015-5405
+ RESERVED
+CVE-2015-5404
+ RESERVED
+CVE-2015-5403
+ RESERVED
+CVE-2015-5402
+ RESERVED
+CVE-2015-5401
+ RESERVED
+CVE-2015-5400
+ RESERVED
+CVE-2015-5399
+ RESERVED
+CVE-2015-5398
+ RESERVED
+CVE-2015-5397
+ RESERVED
+CVE-2015-5396
+ RESERVED
+CVE-2015-5395
+ RESERVED
+CVE-2015-5394
+ RESERVED
+CVE-2015-5393
+ RESERVED
+CVE-2015-5392
+ RESERVED
+CVE-2015-5391
+ RESERVED
+CVE-2015-5390
+ RESERVED
+CVE-2015-5389
+ RESERVED
+CVE-2015-5388
+ RESERVED
+CVE-2015-5387
+ RESERVED
+CVE-2015-5386
+ RESERVED
+CVE-2015-5385
+ RESERVED
+CVE-2015-5384
+ RESERVED
+CVE-2015-5380
+ RESERVED
+CVE-2015-5379
+ RESERVED
+CVE-2015-5378
+ RESERVED
+CVE-2015-5377
+ RESERVED
+CVE-2015-5376
+ RESERVED
+CVE-2015-5375
+ RESERVED
+CVE-2015-5374
+ RESERVED
+CVE-2015-5373
+ RESERVED
+CVE-2015-5372
+ RESERVED
+CVE-2015-5371 (The AuthenticationFilter class in SolarWinds Storage Manager allows ...)
+ TODO: check
+CVE-2015-5370
+ RESERVED
+CVE-2015-5369
+ RESERVED
+CVE-2015-5368
+ RESERVED
+CVE-2015-5367
+ RESERVED
+CVE-2014-9740 (Cross-site scripting (XSS) vulnerability in the Rules Link module ...)
+ TODO: check
+CVE-2014-9739 (Cross-site scripting (XSS) vulnerability in the Node Field module ...)
+ TODO: check
+CVE-2014-9738 (Multiple cross-site scripting (XSS) vulnerabilities in the Tournament ...)
+ TODO: check
+CVE-2014-9737 (Open redirect vulnerability in the Language Switcher Dropdown module ...)
+ TODO: check
+CVE-2014-9736
+ RESERVED
+CVE-2013-7442
+ RESERVED
+CVE-2012-6695
+ RESERVED
+CVE-2012-6694
+ RESERVED
+CVE-2012-6693
+ RESERVED
+CVE-2011-5324
+ RESERVED
+CVE-2011-5323
+ RESERVED
+CVE-2011-5322
+ RESERVED
CVE-2015-XXXX [Incomplete WPS and P2P NFC NDEF record payload length validation]
- wpa <unfixed>
- wpasupplicant <removed>
@@ -26,16 +214,19 @@
NOTE: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
NOTE: Patch: http://downloads.powerdns.com/patches/2015-01/rec-3.7.2.patch
CVE-2015-5383 [potential info disclosure from temp directory]
+ RESERVED
- roundcube <not-affected> (protection is done in apache config in binary package)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490378
CVE-2015-5382 [security improvement in contact photo handling]
+ RESERVED
- roundcube <unfixed> (bug #791643)
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490379
CVE-2015-5381 [XSS vulnerability in _mbox argument]
+ RESERVED
- roundcube <unfixed> (bug #791643)
[wheezy] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
@@ -1560,10 +1751,10 @@
RESERVED
CVE-2015-4649
RESERVED
-CVE-2015-4648
- RESERVED
-CVE-2015-4647
- RESERVED
+CVE-2015-4648 (Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX ...)
+ TODO: check
+CVE-2015-4647 (Multiple stack-based buffer overflows in Ipropsapi in Panasonic ...)
+ TODO: check
CVE-2015-4641 (Directory traversal vulnerability in the SwiftKey language-pack update ...)
NOT-FOR-US: SwiftKey language-pack update implementation on Samsung devices
CVE-2015-4640 (The SwiftKey language-pack update implementation on Samsung Galaxy S4, ...)
@@ -2027,7 +2218,7 @@
NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7720
NOTE: http://bugs.cacti.net/view.php?id=2572
NOTE: Fixed upstream in 0.8.8d
-CVE-2015-4453 (The web interface in OpenEMR 2.x, 3.x, and 4.x before 4.2.0 patch 2 ...)
+CVE-2015-4453 (interface/globals.php in OpenEMR 2.x, 3.x, and 4.x before 4.2.0 patch ...)
NOT-FOR-US: OpenEMR
CVE-2015-4452
RESERVED
@@ -2464,8 +2655,8 @@
TODO: check
CVE-2015-4231 (The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices ...)
TODO: check
-CVE-2015-4230
- RESERVED
+CVE-2015-4230 (Memory leak in Cisco Headend System Release allows remote attackers to ...)
+ TODO: check
CVE-2015-4229 (The web framework in Cisco Unified Communications Domain Manager ...)
NOT-FOR-US: Cisco Unified Communications Domain Manager
CVE-2015-4228 (Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad ...)
@@ -2726,6 +2917,7 @@
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14 (v3.19-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/03/4
CVE-2015-5366 [Linux UDP checksum DoS EGAIN part]
+ RESERVED
- linux 4.0.7-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 (v4.1-rc7)
@@ -3100,10 +3292,10 @@
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=8b8f1c7e9ddb2e88a144638f6527bf70e32343e3
-CVE-2015-4034
- RESERVED
-CVE-2015-4033
- RESERVED
+CVE-2015-4034 (The createFromParcel method in the ...)
+ TODO: check
+CVE-2015-4033 (Samsung SBeam allows remote attackers to read arbitrary images by ...)
+ TODO: check
CVE-2015-4032 (projectContents.jsp in the Developer tools in Visual Mining NetCharts ...)
NOT-FOR-US: Visual Mining NetCharts Server
CVE-2015-4031 (Directory traversal vulnerability in saveFile.jsp in the development ...)
@@ -3367,14 +3559,14 @@
RESERVED
CVE-2015-3959
RESERVED
-CVE-2015-3958
- RESERVED
-CVE-2015-3957
- RESERVED
+CVE-2015-3958 (Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly ...)
+ TODO: check
+CVE-2015-3957 (Hospira LifeCare PCA Infusion System before 7.0 stores private keys ...)
+ TODO: check
CVE-2015-3956
RESERVED
-CVE-2015-3955
- RESERVED
+CVE-2015-3955 (Stack-based buffer overflow in Hospira LifeCare PCA Infusion System ...)
+ TODO: check
CVE-2015-3954
RESERVED
CVE-2015-3953
@@ -4664,7 +4856,7 @@
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a134f083e79fb4c3d0a925691e732c56911b4326 (v4.1-rc2)
NOTE: https://lkml.org/lkml/2011/5/13/382
-CVE-2015-3459 (Hospira Lifecare PCA infusion pump running "SW ver 412" does not ...)
+CVE-2015-3459 (The communication module on the Hospira LifeCare PCA Infusion System ...)
NOT-FOR-US: Hospira Lifecare PCA
CVE-2015-3458 (The fetchView function in the Mage_Core_Block_Template_Zend class in ...)
NOT-FOR-US: Magento
@@ -5199,8 +5391,7 @@
RESERVED
CVE-2015-3282
RESERVED
-CVE-2015-3281 [information leak]
- RESERVED
+CVE-2015-3281 (The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and ...)
{DSA-3301-1}
- haproxy 1.5.14-1
[wheezy] - haproxy <not-affected> (Affects 1.5.x and 1.6-dev only)
@@ -5433,8 +5624,7 @@
[wheezy] - pcre3 <no-dsa> (Minor issue)
[squeeze] - pcre3 <no-dsa> (Minor issue)
NOTE: https://bugs.exim.org/show_bug.cgi?id=1638
-CVE-2015-3216 [Crash in ssleay_rand_bytes due to locking regression]
- RESERVED
+CVE-2015-3216 (Race condition in a certain Red Hat patch to the PRNG lock ...)
- openssl <not-affected> (Affects Red Hat specific patch)
NOTE: More information in https://bugzilla.redhat.com/show_bug.cgi?id=1225994
CVE-2015-3215
@@ -6444,10 +6634,10 @@
NOT-FOR-US: Blue Coat SSL Visibility Appliance
CVE-2015-2851 (client_chown in the sync client in Synology Cloud Station 1.1-2291 ...)
NOT-FOR-US: Synology Cloud Station
-CVE-2015-2850
- RESERVED
-CVE-2015-2849
- RESERVED
+CVE-2015-2850 (Cross-site scripting (XSS) vulnerability in index-login.ant in the ...)
+ TODO: check
+CVE-2015-2849 (SQL injection vulnerability in main.ant in the ANTlabs InnGate ...)
+ TODO: check
CVE-2015-2848
RESERVED
CVE-2015-2847
@@ -6854,18 +7044,15 @@
RESERVED
CVE-2015-2744
RESERVED
-CVE-2015-2743
- RESERVED
+CVE-2015-2743 (PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/
-CVE-2015-2742
- RESERVED
+CVE-2015-2742 (Mozilla Firefox before 39.0 on OS X includes native key press ...)
- iceweasel <not-affected> (OS X specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-68/
-CVE-2015-2741
- RESERVED
+CVE-2015-2741 (Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and ...)
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -6875,64 +7062,56 @@
[jessie] - icedove <not-affected> (Only affects Thunderbird 38 and later)
[wheezy] - icedove <not-affected> (Only affects Thunderbird 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-67/
-CVE-2015-2740
- RESERVED
+CVE-2015-2740 (Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2739
- RESERVED
+CVE-2015-2739 (The ArrayBufferBuilder::append function in Mozilla Firefox before ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2738
- RESERVED
+CVE-2015-2738 (The YCbCrImageDataDeserializer::ToDataSourceSurface function in the ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2737
- RESERVED
+CVE-2015-2737 (The rx::d3d11::SetBufferData function in the Direct3D 11 ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2736
- RESERVED
+CVE-2015-2736 (The nsZipArchive::BuildFileList function in Mozilla Firefox before ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2735
- RESERVED
+CVE-2015-2735 (nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2734
- RESERVED
+CVE-2015-2734 (The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
-CVE-2015-2733
- RESERVED
+CVE-2015-2733 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -6940,44 +7119,38 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
CVE-2015-2732
RESERVED
-CVE-2015-2731
- RESERVED
+CVE-2015-2731 (Use-after-free vulnerability in the CSPService::ShouldLoad function in ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-63/
-CVE-2015-2730
- RESERVED
+CVE-2015-2730 (Mozilla Network Security Services (NSS) before 3.19.1, as used in ...)
- nss 2:3.19.1-1
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
-CVE-2015-2729
- RESERVED
+CVE-2015-2729 (The AudioParamTimeline::AudioNodeInputValue function in the Web Audio ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-62/
-CVE-2015-2728
- RESERVED
+CVE-2015-2728 (The IndexedDatabaseManager class in the IndexedDB implementation in ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-61/
-CVE-2015-2727
- RESERVED
+CVE-2015-2727 (Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-60/
-CVE-2015-2726
- RESERVED
+CVE-2015-2726 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 39)
@@ -6987,8 +7160,7 @@
[jessie] - icedove <not-affected> (Only affects Icedove 39)
[wheezy] - icedove <not-affected> (Only affects Icedove 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
-CVE-2015-2725
- RESERVED
+CVE-2015-2725 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
@@ -6998,8 +7170,7 @@
[jessie] - icedove <not-affected> (Only affects Icedove 38 and later)
[wheezy] - icedove <not-affected> (Only affects Icedove 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
-CVE-2015-2724
- RESERVED
+CVE-2015-2724 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
@@ -7008,15 +7179,13 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
CVE-2015-2723
REJECTED
-CVE-2015-2722
- RESERVED
+CVE-2015-2722 (Use-after-free vulnerability in the CanonicalizeXPCOMParticipant ...)
- iceweasel 38.1.0esr-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
-CVE-2015-2721
- RESERVED
+CVE-2015-2721 (Mozilla Network Security Services (NSS) before 3.19, as used in ...)
{DSA-3300-1}
- nss 2:3.19.1-1
- iceweasel 38.1.0esr-1
@@ -8721,8 +8890,8 @@
RESERVED
CVE-2015-2127
RESERVED
-CVE-2015-2126
- RESERVED
+CVE-2015-2126 (Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows ...)
+ TODO: check
CVE-2015-2125 (Unspecified vulnerability in HP WebInspect 7.x through 10.4 before ...)
NOT-FOR-US: HP WebInspect
CVE-2015-2124 (Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 ...)
@@ -12392,8 +12561,8 @@
NOT-FOR-US: OSIsoft PI AF and OSIsoft PI SQL for AF
CVE-2015-1012
RESERVED
-CVE-2015-1011
- RESERVED
+CVE-2015-1011 (Hospira LifeCare PCA Infusion System before 7.0 has hardcoded ...)
+ TODO: check
CVE-2015-1010 (Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does ...)
NOT-FOR-US: Rockwell Automation RSView32
CVE-2015-1009
@@ -25795,8 +25964,8 @@
NOT-FOR-US: Nordex Control 2
CVE-2014-5407 (Multiple stack-based buffer overflows in Schneider Electric VAMPSET ...)
NOT-FOR-US: Schneider Electric
-CVE-2014-5406
- RESERVED
+CVE-2014-5406 (The Hospira LifeCare PCA Infusion System before 7.0 does not validate ...)
+ TODO: check
CVE-2014-5405 (Hospira MedNet before 6.1 uses a hardcoded cleartext password to ...)
NOT-FOR-US: Hospira MedNet
CVE-2014-5404
@@ -30237,8 +30406,7 @@
NOT-FOR-US: JBoss KeyCloak
CVE-2014-3654 (Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2014-3653 [XSS flaw on template preview screen]
- RESERVED
+CVE-2014-3653 (Cross-site scripting (XSS) vulnerability in the template preview ...)
- foreman <itp> (bug #663101)
NOTE: http://projects.theforeman.org/issues/7483
NOTE: https://github.com/sodabrew/foreman/issues/1
More information about the Secure-testing-commits
mailing list