[Secure-testing-commits] r54233 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 3 15:07:39 UTC 2017
Author: carnil
Date: 2017-08-03 15:07:39 +0000 (Thu, 03 Aug 2017)
New Revision: 54233
Modified:
data/CVE/list
Log:
Two cacti issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-03 14:32:06 UTC (rev 54232)
+++ data/CVE/list 2017-08-03 15:07:39 UTC (rev 54233)
@@ -715,14 +715,14 @@
NOTE: Upstream bug report https://sourceforge.net/p/potrace/bugs/22/
NOTE: Crash only in CLI tool mkbitmap, negligible security impact
CVE-2017-12066 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
- - cacti <unfixed> (bug #870354)
+ - cacti 1.1.16+ds1-1 (bug #870354)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
NOTE: https://github.com/Cacti/cacti/issues/877
CVE-2017-12065 (spikekill.php in Cacti before 1.1.16 might allow remote attackers to ...)
- - cacti <unfixed> (bug #870353)
+ - cacti 1.1.16+ds1-1 (bug #870353)
[stretch] - cacti <not-affected> (Vulnerable code introduced later)
[jessie] - cacti <not-affected> (Vulnerable code introduced later)
[wheezy] - cacti <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list