[Secure-testing-commits] r54816 - data/CVE
Ola Lundqvist
opal at moszumanska.debian.org
Thu Aug 17 17:55:07 UTC 2017
Author: opal
Date: 2017-08-17 17:55:07 +0000 (Thu, 17 Aug 2017)
New Revision: 54816
Modified:
data/CVE/list
Log:
Triaging.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-17 17:30:23 UTC (rev 54815)
+++ data/CVE/list 2017-08-17 17:55:07 UTC (rev 54816)
@@ -620,6 +620,7 @@
- python-numpy <unfixed> (bug #872407)
[stretch] - python-numpy <no-dsa> (Minor issue)
[jessie] - python-numpy <no-dsa> (Minor issue)
+ [wheezy] - python-numpy <no-dsa> (Minor issue)
NOTE: https://github.com/numpy/numpy/issues/9560#issuecomment-322395292
CVE-2017-12851 (An authenticated standard user could reset the password of the admin ...)
- kanboard <itp> (bug #790814)
@@ -633,6 +634,7 @@
RESERVED
- nagios3 <removed>
[jessie] - nagios3 <no-dsa> (Minor issue)
+ [wheezy] - nagios3 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/16/7
NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/404
NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/1b197346d490df2e2d3b1dcce5ac6134ad0c8752
@@ -14970,6 +14972,9 @@
NOTE: Fixed by: http://svn.apache.org/r1795815 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1795816 (7.0.x)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61101
+ NOTE: For wheezy it is not clear whether the vulnerability is there or not. The source
+ NOTE: do not contain the modified file but no other file set the Vary header either.
+ NOTE: Further triaging is needed for wheezy.
CVE-2017-7673 (Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, ...)
NOT-FOR-US: Apache OpenMeetings
CVE-2017-7672 (If an application allows enter an URL in a form field and built-in ...)
More information about the Secure-testing-commits
mailing list