[Secure-testing-commits] r54193 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 2 10:26:49 UTC 2017
Author: carnil
Date: 2017-08-02 10:26:49 +0000 (Wed, 02 Aug 2017)
New Revision: 54193
Modified:
data/CVE/list
Log:
Add new varnish issue, #870467
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-02 09:19:04 UTC (rev 54192)
+++ data/CVE/list 2017-08-02 10:26:49 UTC (rev 54193)
@@ -1,3 +1,9 @@
+CVE-2107-XXXX [Bogusly large chunk sizes may cause assert]
+ - varnish <unfixed> (bug #870467)
+ [wheezy] - varnish <not-affected> (Vulnerable code not present)
+ NOTE: https://www.varnish-cache.org/security/VSV00001.html#vsv00001
+ NOTE: https://github.com/varnishcache/varnish-cache/issues/2379
+ NOTE: https://github.com/varnishcache/varnish-cache/commit/09731b24b2225e3c0d66d3ec1b4fedef6fa22b6e
CVE-2017-12200 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS ...)
TODO: check
CVE-2017-12199 (The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL ...)
More information about the Secure-testing-commits
mailing list