[Secure-testing-commits] r46363 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 20 18:44:14 UTC 2016
Author: carnil
Date: 2016-11-20 18:44:14 +0000 (Sun, 20 Nov 2016)
New Revision: 46363
Modified:
data/CVE/list
Log:
CVEs assigned for drupal
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-20 18:42:42 UTC (rev 46362)
+++ data/CVE/list 2016-11-20 18:44:14 UTC (rev 46363)
@@ -170,29 +170,29 @@
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
-CVE-2016-XXXX [Denial of service via transliterate mechanism]
+CVE-2016-9452 [Denial of service via transliterate mechanism]
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
NOTE: https://www.drupal.org/SA-CORE-2016-005
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-XXXX [Confirmation forms allow external URLs to be injected]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
+CVE-2016-9451 [Confirmation forms allow external URLs to be injected]
- drupal7 7.52-1
[jessie] - drupal7 7.32-1+deb8u8
NOTE: Workaround entry for DSA-3718-1 until CVE is assigned
NOTE: https://www.drupal.org/SA-CORE-2016-005
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-XXXX [Incorrect cache context on password reset page]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
+CVE-2016-9450 [Incorrect cache context on password reset page]
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
NOTE: https://www.drupal.org/SA-CORE-2016-005
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/18/8
-CVE-2016-XXXX [Inconsistent name for term access query]
+ NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
+CVE-2016-9449 [Inconsistent name for term access query]
- drupal8 <itp> (bug #756305)
- drupal7 7.52-1
[jessie] - drupal7 7.32-1+deb8u8
NOTE: Workaround entry for DSA-3718-1 until CVE is assigned
NOTE: https://www.drupal.org/SA-CORE-2016-005
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/18/8
+ NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
CVE-2016-9443
RESERVED
- w3m 0.5.3-30
More information about the Secure-testing-commits
mailing list