[Secure-testing-commits] r39990 - data/CVE

Sat Feb 27 14:58:03 UTC 2016

Author: carnil
Date: 2016-02-27 14:58:02 +0000 (Sat, 27 Feb 2016)
New Revision: 39990

Modified:
   data/CVE/list
Log:
Referece CVE request URL

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-02-27 12:51:28 UTC (rev 39989)
+++ data/CVE/list	2016-02-27 14:58:02 UTC (rev 39990)
@@ -115,62 +115,62 @@
 	- drupal7 7.43-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Brute force amplification attacks via XML-RPC]
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Open redirect via path manipulation]
 	- drupal8 <itp> (bug #756305)
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Form API ignores access restrictions on submit buttons]
 	- drupal7 <not-affected> (Only affects Drupal 6)
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [HTTP header injection using line breaks]
 	- drupal7 <not-affected> (Only affects Drupal 6)
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Open redirect via double-encoded 'destination' parameter]
 	- drupal7 <not-affected> (Only affects Drupal 6)
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Reflected file download vulnerability]
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Saving user accounts can sometimes grant the user all roles]
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Email address can be matched to an account]
 	- drupal8 <itp> (bug #756305)
 	- drupal7 7.43-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-XXXX [Session data truncation can lead to unserialization of user provided data]
 	- drupal7 <not-affected> (Only affects Drupal 6)
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
-	TODO: check
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-2541
 	RESERVED
 CVE-2016-2540


