[Secure-testing-commits] r43924 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 10 21:23:56 UTC 2016
Author: jmm
Date: 2016-08-10 21:23:56 +0000 (Wed, 10 Aug 2016)
New Revision: 43924
Modified:
data/CVE/list
Log:
twisted unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-10 21:11:31 UTC (rev 43923)
+++ data/CVE/list 2016-08-10 21:23:56 UTC (rev 43924)
@@ -3918,13 +3918,14 @@
NOTE: some hardening to discard HTTP_PROXY in the future
CVE-2016-1000111
RESERVED
- - twisted <unfixed>
- [jessie] - twisted <no-dsa> (Minor issue)
+ - twisted <unfixed> (unimportant)
[wheezy] - twisted <not-affected> (For wheezy affected file twcgi.py is in src:twisted-web)
- twisted-web <removed>
[wheezy] - twisted-web <no-dsa> (Minor issue)
NOTE: https://twistedmatrix.com/trac/ticket/8623
NOTE: https://github.com/twisted/twisted/commit/bcac75e6180c9eee4337322c109eb5d1cac51165
+ NOTE: No part of Twisted does set HTTP_PROXY based on a Proxy: header, upstream plans
+ NOTE: to drop related CGI code in future release
CVE-2016-1000108
RESERVED
- yaws 2.0.3-2 (bug #832433)
More information about the Secure-testing-commits
mailing list