[Secure-testing-commits] r50450 - data/CVE
Chris Lamb
lamby at moszumanska.debian.org
Fri Apr 7 21:13:21 UTC 2017
Author: lamby
Date: 2017-04-07 21:13:21 +0000 (Fri, 07 Apr 2017)
New Revision: 50450
Modified:
data/CVE/list
Log:
CVE-2017-7572/backintime: not in 1.0.10-1/wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-07 21:10:12 UTC (rev 50449)
+++ data/CVE/list 2017-04-07 21:13:21 UTC (rev 50450)
@@ -31,6 +31,7 @@
CVE-2017-7572 (The _checkPolkitPrivilege function in serviceHelper.py in Back In Time ...)
- backintime <unfixed> (bug #859815)
[jessie] - backintime <no-dsa> (Minor issue)
+ [wheezy] - backintime <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/07/2
NOTE: https://github.com/bit-team/backintime/commit/7f208dc547f569b689c888103e3b593a48cd1869
CVE-2017-7571 (public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is ...)
More information about the Secure-testing-commits
mailing list