[Secure-testing-commits] r51100 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Apr 27 09:07:49 UTC 2017
Author: carnil
Date: 2017-04-27 09:07:49 +0000 (Thu, 27 Apr 2017)
New Revision: 51100
Modified:
data/CVE/list
Log:
Correct spip version, three CVEs only fixed in 3.1.4-2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-27 09:05:40 UTC (rev 51099)
+++ data/CVE/list 2017-04-27 09:07:49 UTC (rev 51100)
@@ -12961,13 +12961,13 @@
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-agent.c.diff?r1=1.214&r2=1.215
CVE-2016-9998 (SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability ...)
{DLA-760-1}
+ - spip 3.1.4-2 (bug #848641)
[jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
- - spip 3.1.4-1 (bug #848641)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
CVE-2016-9997 (SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability ...)
{DLA-760-1}
+ - spip 3.1.4-2 (bug #848641)
[jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
- - spip 3.1.4-1 (bug #848641)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23288
CVE-2015-8980 [Arbitrary code execution in select_string, ngettext and npgettext count parameter]
RESERVED
@@ -23358,8 +23358,8 @@
RESERVED
CVE-2016-9152 (Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in ...)
{DLA-738-1}
+ - spip 3.1.4-2 (bug #847156)
[jessie] - spip <no-dsa> (Will be fixed in next jessie point update)
- - spip 3.1.4-1 (bug #847156)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23290
CVE-2016-9151 (Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x ...)
NOT-FOR-US: PAN-OS
More information about the Secure-testing-commits
mailing list