[Secure-testing-commits] r43419 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jul 24 12:07:26 UTC 2016


Author: carnil
Date: 2016-07-24 12:07:26 +0000 (Sun, 24 Jul 2016)
New Revision: 43419

Modified:
   data/CVE/list
Log:
Add todo note for CVE-2015-8379/cakephp

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-07-24 09:45:04 UTC (rev 43418)
+++ data/CVE/list	2016-07-24 12:07:26 UTC (rev 43419)
@@ -20525,6 +20525,7 @@
 	- cakephp <unfixed> (bug #832316)
 	NOTE: http://karmainsecurity.com/KIS-2016-01
 	NOTE: https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0
+	TODO: double-check, upload of 2.8.5-1 to unstable claims this is fixed but not clear from looking at debdiff from 2.8.3-1 to 2.8.5-1
 CVE-2015-8400 (The HTTPS fallback implementation in Shell In A Box (aka shellinabox) ...)
 	- shellinabox 2.19
 	[jessie] - shellinabox <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list