[Secure-testing-commits] r54411 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 8 04:20:15 UTC 2017
Author: carnil
Date: 2017-08-08 04:20:15 +0000 (Tue, 08 Aug 2017)
New Revision: 54411
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2017-7481/ansible, #862666
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-07 21:26:15 UTC (rev 54410)
+++ data/CVE/list 2017-08-08 04:20:15 UTC (rev 54411)
@@ -14345,7 +14345,7 @@
NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0
CVE-2017-7481 [Security issue with lookup return not tainting the jinja2 environment]
RESERVED
- - ansible <unfixed> (bug #862666)
+ - ansible 2.3.1.0+dfsg-1 (bug #862666)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1450018
NOTE: Fixed by: https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2
CVE-2017-7480 (rkhunter versions before 1.4.4 are vulnerable to file download over ...)
More information about the Secure-testing-commits
mailing list