[Secure-testing-commits] r38664 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 3 13:47:32 UTC 2016
Author: carnil
Date: 2016-01-03 13:47:32 +0000 (Sun, 03 Jan 2016)
New Revision: 38664
Modified:
data/CVE/list
Log:
Update CVE-2015-5271/tripleo-heat-templates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-03 13:18:00 UTC (rev 38663)
+++ data/CVE/list 2016-01-03 13:47:32 UTC (rev 38664)
@@ -12194,10 +12194,12 @@
- moodle 2.7.10+dfsg-1 (bug #799634)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576
-CVE-2015-5271
+CVE-2015-5271 [unsafe pipeline ordering of swift staticweb middleware]
RESERVED
- - tripleo-heat-templates <undetermined>
- TODO: check
+ - tripleo-heat-templates <not-affected> (Vulnerability introduced later)
+ NOTE: Fixed by: https://github.com/openstack/tripleo-heat-templates/commit/1730d95acdbee7c7bbcfe1eba8a48ef2b0cc1476
+ NOTE: Introduced by: https://github.com/openstack/tripleo-heat-templates/commit/65d64b6a52366f36955e5e48a29f4ef0ca2ff973 (0.8.2) [Puppet: Swift Overcloud Proxy/Storage support]
+ NOTE: https://bugs.launchpad.net/tripleo/+bug/1494896
CVE-2015-5270
REJECTED
CVE-2015-5269 [MSA-15-0036: XSS in grouping description]
More information about the Secure-testing-commits
mailing list