[Secure-testing-commits] r46298 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 18 05:03:44 UTC 2016
Author: carnil
Date: 2016-11-18 05:03:44 +0000 (Fri, 18 Nov 2016)
New Revision: 46298
Modified:
data/CVE/list
Log:
Add note so we know once assigned where to update DSA list as well
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-18 05:00:32 UTC (rev 46297)
+++ data/CVE/list 2016-11-18 05:03:44 UTC (rev 46298)
@@ -12,6 +12,7 @@
CVE-2016-XXXX [Confirmation forms allow external URLs to be injected]
- drupal7 <unfixed>
[jessie] - drupal7 7.32-1+deb8u8
+ NOTE: Workaround entry for DSA-3718-1 until CVE is assigned
NOTE: https://www.drupal.org/SA-CORE-2016-005
CVE-2016-XXXX [Incorrect cache context on password reset page]
- drupal8 <itp> (bug #756305)
@@ -21,6 +22,7 @@
- drupal8 <itp> (bug #756305)
- drupal7 <unfixed>
[jessie] - drupal7 7.32-1+deb8u8
+ NOTE: Workaround entry for DSA-3718-1 until CVE is assigned
NOTE: https://www.drupal.org/SA-CORE-2016-005
CVE-2016-9399 [jpc_dec.c:1650: void calcstepsizes(uint_fast16_t, int, uint_fast16_t *): Assertion `!((expn + (numrlvls - 1) - (numrlvls - 1 - ((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed.]
- jasper <removed> (unimportant)
More information about the Secure-testing-commits
mailing list