[Secure-testing-commits] r35521 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 16 20:04:12 UTC 2015
Author: carnil
Date: 2015-07-16 20:04:12 +0000 (Thu, 16 Jul 2015)
New Revision: 35521
Modified:
data/CVE/list
Log:
Update references for elasticsearch CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-16 19:17:18 UTC (rev 35520)
+++ data/CVE/list 2015-07-16 20:04:12 UTC (rev 35521)
@@ -1,6 +1,6 @@
-CVE-2015-5531
- - elasticsearch <unfixed>
- NOTE: Fixed in 1.6.1 and 1.7.0 release
+CVE-2015-5531 [Directory traversal vulnerability]
+ - elasticsearch <unfixed> (bug #792617)
+ NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
CVE-2015-5521 (Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows ...)
TODO: check
CVE-2015-5520 (Cross-site scripting (XSS) vulnerability in the Users module in ...)
@@ -312,10 +312,10 @@
RESERVED
CVE-2015-5378
RESERVED
-CVE-2015-5377
+CVE-2015-5377 [Remote code execution vulnerability]
RESERVED
- - elasticsearch <unfixed>
- NOTE: fixed in 1.6.1 and 1.7.0 release
+ - elasticsearch <unfixed> (bug #792617)
+ NOTE: https://www.elastic.co/blog/elasticsearch-1-7-0-and-1-6-1-released#security
CVE-2015-5376
RESERVED
CVE-2015-5375
More information about the Secure-testing-commits
mailing list