[Secure-testing-commits] r34349 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue May 19 19:52:39 UTC 2015
Author: carnil
Date: 2015-05-19 19:52:39 +0000 (Tue, 19 May 2015)
New Revision: 34349
Modified:
data/CVE/list
Log:
Add CVE-2014-9720/python-tornado, to be checked
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-19 19:50:44 UTC (rev 34348)
+++ data/CVE/list 2015-05-19 19:52:39 UTC (rev 34349)
@@ -54,6 +54,12 @@
RESERVED
CVE-2015-3989 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 ...)
TODO: check
+CVE-2014-9720
+ - python-tornado <unfixed>
+ NOTE: https://github.com/tornadoweb/tornado/commit/1c36307463b1e8affae100bf9386948e6c1b2308
+ NOTE: https://bugzilla.novell.com/show_bug.cgi?id=930362
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1222816
+ TODO: check
CVE-2014-9719
RESERVED
CVE-2015-XXXX [various functions allow \0 in paths where they shouldn't]
More information about the Secure-testing-commits
mailing list