[Secure-testing-commits] r47197 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Dec 18 12:40:41 UTC 2016
Author: carnil
Date: 2016-12-18 12:40:41 +0000 (Sun, 18 Dec 2016)
New Revision: 47197
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2016-9964/python-bottle
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-18 11:15:30 UTC (rev 47196)
+++ data/CVE/list 2016-12-18 12:40:41 UTC (rev 47197)
@@ -36,7 +36,7 @@
CVE-2016-582384
REJECTED
CVE-2016-9964 [redirect() doesn't filter "\r\n" which allows for CRLF attack]
- - python-bottle <unfixed> (bug #848392)
+ - python-bottle 0.12.11-1 (bug #848392)
NOTE: Upstream bug: https://github.com/bottlepy/bottle/issues/913
NOTE: Upstream patch: https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54
CVE-2016-9963 [disclosure of private information]
More information about the Secure-testing-commits
mailing list