[Secure-testing-commits] r58324 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 7 13:46:59 UTC 2017
Author: carnil
Date: 2017-12-07 13:46:59 +0000 (Thu, 07 Dec 2017)
New Revision: 58324
Modified:
data/CVE/list
Log:
Add CVE-2017-16854/otrs2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-07 13:35:28 UTC (rev 58323)
+++ data/CVE/list 2017-12-07 13:46:59 UTC (rev 58324)
@@ -4248,8 +4248,13 @@
NOT-FOR-US: Atlassian Confluence
CVE-2017-16855 (Ipsilon before 2.1.0 has a "SAML2 multi-session vulnerability." ...)
- ipsilon <itp> (bug #826838)
-CVE-2017-16854
+CVE-2017-16854 [OSA-2017-08: Information Disclosure]
RESERVED
+ - otrs2 <unfixed>
+ NOTE: https://www.otrs.com/security-advisory-2017-08-security-update-otrs-framework/
+ NOTE: OTRS-6: https://github.com/OTRS/otrs/commit/867aba14900f17caacb0285a08b6981bbdbbe016
+ NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/8748d040058695fda5c9cfcb2a78d8947ed4188d
+ NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/e0deab303e3d0f7c860bba291410512734f4d6b0
CVE-2017-16851 (Zoho ManageEngine Applications Manager 13 allows SQL injection via the ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2017-16850 (Zoho ManageEngine Applications Manager 13 allows SQL injection via the ...)
More information about the Secure-testing-commits
mailing list