[Secure-testing-commits] r54308 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Aug 5 06:29:08 UTC 2017 

Author: carnil
Date: 2017-08-05 06:29:08 +0000 (Sat, 05 Aug 2017)
New Revision: 54308

Modified:
   data/CVE/list
Log:
Add todo items for various CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-05 03:50:37 UTC (rev 54307)
+++ data/CVE/list	2017-08-05 06:29:08 UTC (rev 54308)
@@ -18817,21 +18817,27 @@
 CVE-2016-10206 (Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...)
 	- zoneminder <unfixed> (bug #854272)
 	[jessie] - zoneminder <no-dsa> (Minor issue)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2016-10205 (Session fixation vulnerability in Zoneminder 1.30 and earlier allows ...)
 	- zoneminder <unfixed> (bug #854272)
 	[jessie] - zoneminder <no-dsa> (Minor issue)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2016-10204 (SQL injection vulnerability in Zoneminder 1.30 and earlier allows ...)
 	- zoneminder <unfixed> (bug #854272)
 	[jessie] - zoneminder <no-dsa> (Minor issue)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2016-10203 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
 	- zoneminder <unfixed> (bug #854272)
 	[jessie] - zoneminder <no-dsa> (Minor issue)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2016-10202 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
 	- zoneminder <unfixed> (bug #854272)
 	[jessie] - zoneminder <no-dsa> (Minor issue)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2016-10201 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
 	- zoneminder <unfixed> (bug #854272)
 	[jessie] - zoneminder <no-dsa> (Minor issue)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2016-10208 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
 	- linux 4.9.10-1
 	[jessie] - linux 3.16.43-1
@@ -20812,8 +20818,10 @@
 	RESERVED
 CVE-2017-5368 (ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, ...)
 	- zoneminder <unfixed> (bug #854733)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2017-5367 (Multiple reflected XSS vulnerabilities exist within form and link input ...)
 	- zoneminder <unfixed> (bug #854733)
+	TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
 CVE-2017-5366
 	RESERVED
 CVE-2017-5365

More information about the Secure-testing-commits mailing list