[Secure-testing-commits] r38960 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Fri Jan 15 22:28:01 UTC 2016
Author: fgeek-guest
Date: 2016-01-15 22:28:01 +0000 (Fri, 15 Jan 2016)
New Revision: 38960
Modified:
data/CVE/list
Log:
CVE-2015-8379/cakephp
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-15 22:14:19 UTC (rev 38959)
+++ data/CVE/list 2016-01-15 22:28:01 UTC (rev 38960)
@@ -5356,8 +5356,11 @@
{DLA-362-1}
- dhcpcd <removed>
NOTE: https://launchpadlibrarian.net/228152582/dhcp.c.patch
-CVE-2015-8379
+CVE-2015-8379 [cakephp: CSRF protection bypass]
RESERVED
+ - cakephp <unfixed>
+ NOTE: http://karmainsecurity.com/KIS-2016-01
+ TODO: check
CVE-2015-8400 (The HTTPS fallback implementation in Shell In A Box (aka shellinabox) ...)
- shellinabox 2.19
[jessie] - shellinabox <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list