[Secure-testing-commits] r58290 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 6 09:25:45 UTC 2017
Author: carnil
Date: 2017-12-06 09:25:45 +0000 (Wed, 06 Dec 2017)
New Revision: 58290
Modified:
data/CVE/list
Log:
Add CVE-2017-17434/rsync
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-06 09:23:35 UTC (rev 58289)
+++ data/CVE/list 2017-12-06 09:25:45 UTC (rev 58290)
@@ -7,7 +7,9 @@
CVE-2017-17435
RESERVED
CVE-2017-17434 (The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, ...)
- TODO: check
+ - rsync <unfixed>
+ NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=5509597decdbd7b91994210f700329d8a35e70a1
+ NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9
CVE-2017-17433 (The recv_files function in receiver.c in the daemon in rsync 3.1.2, and ...)
TODO: check
CVE-2017-17431 (GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, ...)
More information about the Secure-testing-commits
mailing list