[Secure-testing-commits] r44347 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-09-05 19:47:54 +0000 (Mon, 05 Sep 2016)
New Revision: 44347

Modified:
   data/CVE/list
Log:
Add CVE-2016-7123/mailman

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-09-05 18:14:32 UTC (rev 44346)
+++ data/CVE/list	2016-09-05 19:47:54 UTC (rev 44347)
@@ -95,6 +95,10 @@
 	NOTE: Fixed in 7.0.10, 5.6.25
 	NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5
 	NOTE: https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1
+CVE-2016-7123 [Missing CSRF protection in admin web interface]
+	- mailman 2.1.15-1
+	NOTE: https://bugs.launchpad.net/mailman/+bug/1614841/comments/8
+	NOTE: https://bugs.launchpad.net/mailman/+bug/775294
 CVE-2016-7119 (Cross-site scripting (XSS) vulnerability in the user-profile biography ...)
 	TODO: check
 CVE-2016-7117