[Secure-testing-commits] r37562 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 4 16:18:20 UTC 2015
Author: carnil
Date: 2015-11-04 16:18:20 +0000 (Wed, 04 Nov 2015)
New Revision: 37562
Modified:
data/CVE/list
Log:
Update entry for CVE-2015-8076/cyrus-imapd-2.4
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-04 16:11:28 UTC (rev 37561)
+++ data/CVE/list 2015-11-04 16:18:20 UTC (rev 37562)
@@ -1865,10 +1865,11 @@
- nodejs 4.1.1~dfsg-3 (bug #800580)
[jessie] - nodejs <not-affected> (Vulnerability not present)
NOTE: https://groups.google.com/forum/#!topic/nodejs-sec/fSNEQiuof6I
-CVE-2015-XXXX [urlfetch range handling flaw in Cyrus IMAP]
- - cyrus-imapd-2.4 <unfixed>
- NOTE: Patch in 2.4.17+nocaldav-2 incomplete, needs check
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/29/2
+CVE-2015-8076 [urlfetch range handling flaw in Cyrus IMAP]
+ - cyrus-imapd-2.4 2.4.17+nocaldav-2
+ NOTE: http://www.openwall.com/lists/oss-security/2015/09/29/2
+ NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
+ NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=c21e179c1f6b968fe69bebe079176714e511587b
CVE-2015-7383 (Multiple cross-site scripting (XSS) vulnerabilities in Web Reference ...)
NOT-FOR-US: Web Reference Database (aka refbase)
CVE-2015-7382 (SQL injection vulnerability in install.php in Web Reference Database ...)
More information about the Secure-testing-commits
mailing list