[Secure-testing-commits] r45903 - data/CVE
Jonas Meurer
mejo at moszumanska.debian.org
Wed Nov 2 20:37:59 UTC 2016
Author: mejo
Date: 2016-11-02 20:37:59 +0000 (Wed, 02 Nov 2016)
New Revision: 45903
Modified:
data/CVE/list
Log:
Update info for open SPIP CVEs in data/CVE/list
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-02 20:36:40 UTC (rev 45902)
+++ data/CVE/list 2016-11-02 20:37:59 UTC (rev 45903)
@@ -3617,9 +3617,10 @@
RESERVED
- spip 3.1.3-1
NOTE: http://seclists.org/fulldisclosure/2016/Oct/78
- NOTE: https://core.spip.net/projects/spip/repository/revisions/23185 (master)
- NOTE: https://core.spip.net/projects/spip/repository/revisions/23188 (3.1)
- NOTE: https://core.spip.net/projects/spip/repository/revisions/23193 (3.0)
+ NOTE: https://core.spip.net/projects/spip/repository/revisions/23180 (master)
+ NOTE: https://core.spip.net/projects/spip/repository/revisions/23182 (3.1)
+ NOTE: https://core.spip.net/projects/spip/repository/revisions/23184 (3.0)
+ NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
CVE-2016-7998 [Template Compiler/Composer PHP Code Execution]
RESERVED
- spip 3.1.3-1
@@ -3627,6 +3628,7 @@
NOTE: https://core.spip.net/projects/spip/repository/revisions/23186 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23189 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23192 (3.0)
+ NOTE: reproducible in Jessie (3.0.17-2+deb8u2)
CVE-2016-7997 [denial of service via a crash due to an assertion]
RESERVED
{DLA-683-1}
@@ -3701,6 +3703,7 @@
NOTE: https://core.spip.net/projects/spip/repository/revisions/23206 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23207 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23208 (3.0)
+ NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
CVE-2016-7981 [Reflected Cross-Site Scripting]
RESERVED
- spip 3.1.3-1
@@ -3708,6 +3711,7 @@
NOTE: https://core.spip.net/projects/spip/repository/revisions/23200 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1.x)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0.x)
+ NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
CVE-2016-7980 [Cross-Site Request Forgery]
RESERVED
- spip 3.1.3-1
@@ -3715,6 +3719,7 @@
NOTE: https://core.spip.net/projects/spip/repository/revisions/23200 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23202 (3.0)
+ NOTE: reproducible in Wheezy (2.1.17-1+deb7u5) and Jessie (3.0.17-2+deb8u2)
CVE-2016-7975
RESERVED
CVE-2016-7974
More information about the Secure-testing-commits
mailing list