[Secure-testing-commits] r39935 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-02-26 07:22:02 +0000 (Fri, 26 Feb 2016)
New Revision: 39935

Modified:
   data/CVE/list
Log:
Drupal issues fixed in unstable for drupal7

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-26 01:24:50 UTC (rev 39934)
+++ data/CVE/list	2016-02-26 07:22:02 UTC (rev 39935)
@@ -24,19 +24,19 @@
 	- ftpbackup <unfixed> (bug #815878)
 CVE-2016-XXXX [File upload access bypass and denial of service]
 	- drupal8 <itp> (bug #756305)
-	- drupal7 <unfixed>
+	- drupal7 7.43-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	TODO: check
 CVE-2016-XXXX [Brute force amplification attacks via XML-RPC]
-	- drupal7 <unfixed>
+	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	TODO: check
 CVE-2016-XXXX [Open redirect via path manipulation]
 	- drupal8 <itp> (bug #756305)
-	- drupal7 <unfixed>
+	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
@@ -60,20 +60,20 @@
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	TODO: check
 CVE-2016-XXXX [Reflected file download vulnerability]
-	- drupal7 <unfixed>
+	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	TODO: check
 CVE-2016-XXXX [Saving user accounts can sometimes grant the user all roles]
-	- drupal7 <unfixed>
+	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	TODO: check
 CVE-2016-XXXX [Email address can be matched to an account]
 	- drupal8 <itp> (bug #756305)
-	- drupal7 <unfixed>
+	- drupal7 7.43-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	TODO: check