[Secure-testing-commits] r50276 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 3 09:22:21 UTC 2017
Author: jmm
Date: 2017-04-03 09:22:21 +0000 (Mon, 03 Apr 2017)
New Revision: 50276
Modified:
data/CVE/list
Log:
web2py fixes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-03 09:10:13 UTC (rev 50275)
+++ data/CVE/list 2017-04-03 09:22:21 UTC (rev 50276)
@@ -35312,9 +35312,11 @@
CVE-2016-4808 (Web2py versions 2.14.5 and below was affected by CSRF (Cross Site ...)
- web2py <unfixed> (bug #856127)
NOTE: https://github.com/web2py/web2py/issues/1585
+ NOTE: https://github.com/web2py/web2py/commit/4bd002aee978813bc664cf186ef38ff4e8bbe1cd
CVE-2016-4807 (Web2py versions 2.14.5 and below was affected by Reflected XSS ...)
- web2py <unfixed> (bug #856127)
NOTE: https://github.com/web2py/web2py/issues/1585
+ NOTE: https://github.com/web2py/web2py/commit/51c3b633fe7ad647bc3013e899c1e3a910362dd1
CVE-2016-4806 (Web2py versions 2.14.5 and below was affected by Local File Inclusion ...)
- web2py <unfixed> (bug #856127)
NOTE: https://github.com/web2py/web2py/issues/1585
More information about the Secure-testing-commits
mailing list