[Secure-testing-commits] r45990 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 5 10:24:33 UTC 2016
Author: carnil
Date: 2016-11-05 10:24:33 +0000 (Sat, 05 Nov 2016)
New Revision: 45990
Modified:
data/CVE/list
Log:
Add CVE-2016-9189/pillow
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-05 10:23:26 UTC (rev 45989)
+++ data/CVE/list 2016-11-05 10:24:33 UTC (rev 45990)
@@ -8,7 +8,10 @@
NOTE: https://github.com/python-pillow/Pillow/issues/2105
NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
CVE-2016-9189 (Pillow before 3.3.2 allows context-dependent attackers to obtain ...)
- TODO: check
+ - pillow 3.4.2-1
+ - python-imaging <removed>
+ NOTE: https://github.com/python-pillow/Pillow/issues/2105
+ NOTE: https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
CVE-2016-9188 (Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before ...)
TODO: check
CVE-2016-9187 (Unrestricted file upload vulnerability in the double extension support ...)
More information about the Secure-testing-commits
mailing list