[Secure-testing-commits] r37527 - data/CVE
Sebastien Delafond
seb at moszumanska.debian.org
Tue Nov 3 15:39:14 UTC 2015
Author: seb
Date: 2015-11-03 15:39:14 +0000 (Tue, 03 Nov 2015)
New Revision: 37527
Modified:
data/CVE/list
Log:
Mark CVE-2015-5667 as no-dsa, since "comment" functionality is off by default
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-03 15:29:50 UTC (rev 37526)
+++ data/CVE/list 2015-11-03 15:39:14 UTC (rev 37527)
@@ -5920,6 +5920,9 @@
TODO: check
CVE-2015-5667 (Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module ...)
- libhtml-scrubber-perl 0.15-1 (bug #803943)
+ [jessie] - libhtml-scrubber-perl <no-dsa> (Minor issue; "comment" functionality is off by default)
+ [wheezy] - libhtml-scrubber-perl <no-dsa> (Minor issue; "comment" functionality is off by default)
+ [squeeze] - libhtml-scrubber-perl <no-dsa> (Minor issue; "comment" functionality is off by default)
NOTE: Upstream fix: https://github.com/nigelm/html-scrubber/commit/e1978cc37867e85c06a84a4651745235010cd6cd
CVE-2015-5666
RESERVED
More information about the Secure-testing-commits
mailing list