[Secure-testing-commits] r39985 - data/CVE
Paul Wise
pabs at moszumanska.debian.org
Sat Feb 27 10:36:05 UTC 2016
Author: pabs
Date: 2016-02-27 10:36:05 +0000 (Sat, 27 Feb 2016)
New Revision: 39985
Modified:
data/CVE/list
Log:
regex DoS in uglifyjs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-27 10:28:47 UTC (rev 39984)
+++ data/CVE/list 2016-02-27 10:36:05 UTC (rev 39985)
@@ -544,6 +544,10 @@
NOT-FOR-US: SAP
CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...)
NOT-FOR-US: SAP
+CVE-2015-XXXX [regex DoS]
+ - uglifyjs <unfixed>
+ NOTE: fixed in 2.6.0
+ NOTE: https://nodesecurity.io/advisories/48
CVE-2015-XXXX [root path disclosure]
- node-send <unfixed>
NOTE: fixed in 0.11.1
More information about the Secure-testing-commits
mailing list