[Secure-testing-commits] r51099 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Apr 27 09:05:40 UTC 2017
Author: jmm
Date: 2017-04-27 09:05:40 +0000 (Thu, 27 Apr 2017)
New Revision: 51099
Modified:
data/CVE/list
Log:
mark spip as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-27 06:37:49 UTC (rev 51098)
+++ data/CVE/list 2017-04-27 09:05:40 UTC (rev 51099)
@@ -12961,10 +12961,12 @@
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-agent.c.diff?r1=1.214&r2=1.215
CVE-2016-9998 (SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability ...)
{DLA-760-1}
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
- spip 3.1.4-1 (bug #848641)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
CVE-2016-9997 (SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability ...)
{DLA-760-1}
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
- spip 3.1.4-1 (bug #848641)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
CVE-2015-8980 [Arbitrary code execution in select_string, ngettext and npgettext count parameter]
@@ -23356,6 +23358,7 @@
RESERVED
CVE-2016-9152 (Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in ...)
{DLA-738-1}
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
- spip 3.1.4-1 (bug #847156)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23290
CVE-2016-9151 (Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x ...)
@@ -27344,6 +27347,7 @@
CVE-2016-7999 (ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote ...)
{DLA-695-1}
- spip 3.1.3-1
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
NOTE: http://seclists.org/fulldisclosure/2016/Oct/78
NOTE: https://core.spip.net/projects/spip/repository/revisions/23180 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23182 (3.1)
@@ -27352,6 +27356,7 @@
CVE-2016-7998 (The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows ...)
{DLA-695-1}
- spip 3.1.3-1
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
NOTE: http://seclists.org/fulldisclosure/2016/Oct/76
NOTE: https://core.spip.net/projects/spip/repository/revisions/23186 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23189 (3.1)
@@ -27416,6 +27421,7 @@
CVE-2016-7982 (Directory traversal vulnerability in ecrire/exec/valider_xml.php in ...)
{DLA-695-1}
- spip 3.1.3-1
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
NOTE: http://seclists.org/fulldisclosure/2016/Oct/73
NOTE: https://core.spip.net/projects/spip/repository/revisions/23180 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23182 (3.1)
@@ -27436,6 +27442,7 @@
CVE-2016-7981 (Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP ...)
{DLA-695-1}
- spip 3.1.3-1
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
NOTE: http://seclists.org/fulldisclosure/2016/Oct/68
NOTE: https://core.spip.net/projects/spip/repository/revisions/23200 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1.x)
@@ -27444,6 +27451,7 @@
CVE-2016-7980 (Cross-site request forgery (CSRF) vulnerability in ...)
{DLA-695-1}
- spip 3.1.3-1
+ [jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
NOTE: http://seclists.org/fulldisclosure/2016/Oct/67
NOTE: https://core.spip.net/projects/spip/repository/revisions/23200 (master)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23201 (3.1)
More information about the Secure-testing-commits
mailing list