[Secure-testing-commits] r33172 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Mar 26 18:44:15 UTC 2015
Author: carnil
Date: 2015-03-26 18:44:15 +0000 (Thu, 26 Mar 2015)
New Revision: 33172
Modified:
data/CVE/list
Log:
Add CVE-2015-2750 for drupal
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-26 18:40:36 UTC (rev 33171)
+++ data/CVE/list 2015-03-26 18:44:15 UTC (rev 33172)
@@ -797,6 +797,14 @@
[squeeze] - drupal6 <end-of-life>
NOTE: https://www.drupal.org/SA-CORE-2015-001
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=8e54eca05a65c6231b02510e1917af0c9191e549
+CVE-2015-2750 [SA-CORE-2015-001: Open redirect -- underlying problem lack of checks for special "//"]
+ {DSA-3200-1}
+ - drupal7 7.32-1+deb8u2 (bug #780772)
+ - drupal6 <removed>
+ [squeeze] - drupal6 <end-of-life>
+ NOTE: https://www.drupal.org/SA-CORE-2015-001
+ NOTE: http://cgit.drupalcode.org/drupal/commit/includes/menu.inc?h=6.x&id=8ffc5db3c0ab926f3d4b2cf8bc51714c8c0f3c93
+ NOTE: http://cgit.drupalcode.org/drupal/commit/includes/common.inc?h=7.x&id=b44056d2f8e8c71d35c85ec5c2fb8f7c8a02d8a8
CVE-2015-2749 [SA-CORE-2015-001: Open redirect -- issue related "destination" use]
{DSA-3200-1}
- drupal7 7.32-1+deb8u2 (bug #780772)
More information about the Secure-testing-commits
mailing list