[Secure-testing-commits] r39100 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jan 23 13:20:54 UTC 2016


Author: carnil
Date: 2016-01-23 13:20:54 +0000 (Sat, 23 Jan 2016)
New Revision: 39100

Modified:
   data/CVE/list
Log:
Add bug reference for cgit issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-23 11:29:22 UTC (rev 39099)
+++ data/CVE/list	2016-01-23 13:20:54 UTC (rev 39100)
@@ -324,13 +324,13 @@
 	NOTE: https://bugs.php.net/bug.php?id=70976
 	TODO: check
 CVE-2016-1901 (Integer overflow in the authenticate_post function in CGit before 0.12 ...)
-	- cgit <unfixed>
+	- cgit <unfixed> (bug #812411)
 	NOTE: http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763 (v0.12)
 CVE-2016-1900 (CRLF injection vulnerability in the cgit_print_http_headers function ...)
-	- cgit <unfixed>
+	- cgit <unfixed> (bug #812411)
 	NOTE: http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463 (v0.12)
 CVE-2016-1899 (CRLF injection vulnerability in the ui-blob handler in CGit before ...)
-	- cgit <unfixed>
+	- cgit <unfixed> (bug #812411)
 	NOTE: http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96 (v0.12)
 CVE-2016-1896
 	RESERVED




More information about the Secure-testing-commits mailing list