[Secure-testing-commits] r50856 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Thu Apr 20 15:34:10 UTC 2017 

Author: hertzog
Date: 2017-04-20 15:34:10 +0000 (Thu, 20 Apr 2017)
New Revision: 50856

Modified:
   data/CVE/list
Log:
Tag mantis CVE as end-of-life in wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-20 15:32:28 UTC (rev 50855)
+++ data/CVE/list	2017-04-20 15:34:10 UTC (rev 50856)
@@ -192,6 +192,7 @@
 	RESERVED
 CVE-2017-7897 (A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 CVE-2017-7896 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
 	NOT-FOR-US: Trend Micro
 CVE-2017-7895
@@ -1027,6 +1028,7 @@
 	NOT-FOR-US: Synology Photo Station
 CVE-2017-7615 (MantisBT through 2.3.0 allows arbitrary password reset and ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/16/2
 CVE-2017-7614 (elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
 	- binutils 2.28-4 (low; bug #859989)
@@ -1861,6 +1863,7 @@
 	NOT-FOR-US: Sync Breeze Enterprise
 CVE-2017-7309 (A cross-site scripting (XSS) vulnerability in the MantisBT ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
 CVE-2017-7307 (Riverbed RiOS before 9.0.1 does not properly restrict shell access in ...)
 	NOT-FOR-US: Riverbed RiOS
@@ -2279,6 +2282,7 @@
 	NOT-FOR-US: SLiMS
 CVE-2017-7241 (A cross-site scripting (XSS) vulnerability in the MantisBT Move ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
 CVE-2017-7240 (An issue was discovered on Miele Professional PG 8528 PST10 devices. ...)
 	NOT-FOR-US: Miele Professional PG 8528 PST10 devices
@@ -2365,6 +2369,7 @@
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=69ace2200106348a1b00d509a6a234337c104c17
 CVE-2017-7222 (A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 CVE-2017-7221
 	RESERVED
 CVE-2017-7220
@@ -2932,6 +2937,7 @@
 	NOT-FOR-US: Apple
 CVE-2017-6973 (A cross-site scripting (XSS) vulnerability in the MantisBT ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/03/30/4
 CVE-2017-6972 (Unspecified vulnerability in AlienVault USM and OSSIM before 5.3.7 and ...)
 	NOT-FOR-US: AlienVault
@@ -3389,10 +3395,12 @@
 	NOTE: Fixed by: https://github.com/Yeraze/ytnef/commit/f98f5d4adc1c4bd4033638f6167c1bb95d642f89
 CVE-2017-6799 (A cross-site scripting (XSS) vulnerability in view_filters_page.php in ...)
 	- mantis <not-affected> (Vulnerable versions only 2.1.0 through 2.2.0)
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 	NOTE: https://github.com/mantisbt/mantisbt/commit/1677251434b6e8b2be8f1d4376a3e78f7be14d95
 	NOTE: http://www.mantisbt.org/bugs/view.php?id=22497
 CVE-2017-6797 (A cross-site scripting (XSS) vulnerability in ...)
 	- mantis <removed>
+	[wheezy] - mantis <end-of-life> (Unsupported in Wheezy LTS)
 	NOTE: https://github.com/mantisbt/mantisbt/commit/a2d90ecabf3bcf3aa22ed9dbbecfd3d37902956f
 	NOTE: https://github.com/mantisbt/mantisbt/commit/c272c3f65da9677e505ff692b1f1e476b3afa56e
 	NOTE: http://www.mantisbt.org/bugs/view.php?id=22486

More information about the Secure-testing-commits mailing list