[Secure-testing-commits] r39229 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Wed Jan 27 11:57:31 UTC 2016
Author: ghedo
Date: 2016-01-27 11:57:31 +0000 (Wed, 27 Jan 2016)
New Revision: 39229
Modified:
data/CVE/list
Log:
Add curl entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-27 09:40:52 UTC (rev 39228)
+++ data/CVE/list 2016-01-27 11:57:31 UTC (rev 39229)
@@ -3810,10 +3810,17 @@
RESERVED
CVE-2016-0756
RESERVED
-CVE-2016-0755
+CVE-2016-0755 [NTLM credentials not-checked for proxy connection re-use]
RESERVED
-CVE-2016-0754
+ - curl 7.47.0-1
+ [wheezy] - curl <no-dsa> (Too intrusive to backport)
+ NOTE: http://curl.haxx.se/docs/adv_20160127A.html
+CVE-2016-0754 [remote file name path traversal in curl tool for Windows]
RESERVED
+ - curl <not-affected> (Windows only)
+ [jessie] - curl <not-affected> (Windows only)
+ [wheezy] - curl <not-affected> (Windows only)
+ NOTE: http://curl.haxx.se/docs/adv_20160127B.html
CVE-2016-0753 [Possible Input Validation Circumvention in Active Model]
RESERVED
- rails <unfixed>
More information about the Secure-testing-commits
mailing list