[Secure-testing-commits] r58310 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Dec 6 21:41:05 UTC 2017


Author: carnil
Date: 2017-12-06 21:41:05 +0000 (Wed, 06 Dec 2017)
New Revision: 58310

Modified:
   data/CVE/list
Log:
Add information for CVE-2016-5713

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-06 21:10:18 UTC (rev 58309)
+++ data/CVE/list	2017-12-06 21:41:05 UTC (rev 58310)
@@ -65653,7 +65653,12 @@
 	NOTE: gentoo released a fix: https://security.gentoo.org/glsa/201710-12
 	NOTE: rosetta stone for puppet version numbers: https://puppet.com/docs/puppet/4.10/about_agent.html
 CVE-2016-5713 (Versions of Puppet Agent prior to 1.6.0 included a version of the ...)
-	TODO: check
+	- puppet 4.7.0-1
+	[jessie] - puppet <not-affected> (Vulnerable code introduced later)
+	[wheezy] - puppet <not-affected> (Vulnerable code introduced later)
+	NOTE: Puppet Agent 1.3.0 (puppet: 4.3.0) - 1.5.x affected
+	NOTE: Resolved in Puppet Agent 1.6.0 (4.6.0)
+	NOTE: https://puppet.com/security/cve/cve-2016-5713
 CVE-2016-5712
 	RESERVED
 CVE-2016-5711 (NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a ...)




More information about the Secure-testing-commits mailing list