[Secure-testing-commits] r54919 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 20 20:26:42 UTC 2017
Author: carnil
Date: 2017-08-20 20:26:42 +0000 (Sun, 20 Aug 2017)
New Revision: 54919
Modified:
data/CVE/list
Log:
Update notes for git-annex issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-20 20:25:31 UTC (rev 54918)
+++ data/CVE/list 2017-08-20 20:26:42 UTC (rev 54919)
@@ -1,7 +1,8 @@
CVE-2017-12976 [Command injection via malicious ssh URLs]
- git-annex 6.20170818-1
- NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commitdiff;h=c24d0f0
- NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commitdiff;h=df11e54788b254efebb4898b474de11ae8d3b471
+ NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commit;h=df11e54788b254efebb4898b474de11ae8d3b471
+ NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commit;h=c24d0f0e8984576654e2be149005bc884fe0403a
+ NOTE: http://source.git-annex.branchable.com/?p=source.git;a=blob;f=doc/bugs/dashed_ssh_hostname_security_hole.mdwn
NOTE: This is similar class of issue as for CVE-2017-1000117/git
CVE-2017-12971
RESERVED
More information about the Secure-testing-commits
mailing list