[Secure-testing-commits] r54917 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 20 19:04:57 UTC 2017
Author: carnil
Date: 2017-08-20 19:04:57 +0000 (Sun, 20 Aug 2017)
New Revision: 54917
Modified:
data/CVE/list
Log:
Add git-annex issue
Not associating the issue with CVE-2017-1000117 since it similar but
different issue, and in different codebase.
Requested a separate CVE id.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-20 16:56:22 UTC (rev 54916)
+++ data/CVE/list 2017-08-20 19:04:57 UTC (rev 54917)
@@ -1,3 +1,8 @@
+CVE-2017-XXXX [Command injection via malicious ssh URLs]
+ - git-annex 6.20170818-1
+ NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commitdiff;h=c24d0f0
+ NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commitdiff;h=df11e54788b254efebb4898b474de11ae8d3b471
+ NOTE: This is similar class of issue as for CVE-2017-1000117/git
CVE-2017-12971
RESERVED
CVE-2017-12970
More information about the Secure-testing-commits
mailing list