[Secure-testing-commits] r58355 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Dec 8 09:16:56 UTC 2017


Author: carnil
Date: 2017-12-08 09:16:56 +0000 (Fri, 08 Dec 2017)
New Revision: 58355

Modified:
   data/CVE/list
Log:
Add CVE-2017-17461/node-marked

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-08 09:10:15 UTC (rev 58354)
+++ data/CVE/list	2017-12-08 09:16:56 UTC (rev 58355)
@@ -27,7 +27,9 @@
 CVE-2017-17462
 	RESERVED
 CVE-2017-17461 (A Regular expression Denial of Service (ReDoS) vulnerability in the ...)
-	TODO: check
+	- node-marked <unfixed> (unimportant)
+	NOTE: https://www.checkmarx.com/advisories/regular-expression-denial-service-redos-vulnerability-marked-npm-package/
+	NOTE: nodejs not covered by security support
 CVE-2017-17460
 	RESERVED
 CVE-2018-1340




More information about the Secure-testing-commits mailing list