[Secure-testing-commits] r58469 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 11 19:51:00 UTC 2017
Author: carnil
Date: 2017-12-11 19:51:00 +0000 (Mon, 11 Dec 2017)
New Revision: 58469
Modified:
data/CVE/list
Log:
Three salt issues fixed with upstream 2016.11.8 release and uploaded to unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-11 19:44:45 UTC (rev 58468)
+++ data/CVE/list 2017-12-11 19:51:00 UTC (rev 58469)
@@ -10932,11 +10932,11 @@
CVE-2017-14697
RESERVED
CVE-2017-14696 (SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and ...)
- - salt <unfixed> (bug #879090)
+ - salt 2016.11.8+dfsg1-1 (bug #879090)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
NOTE: Fixed by: https://github.com/saltstack/salt/commit/89e084bda356739de645c15e7d1968afebdcc56e (2016.11)
CVE-2017-14695 (Directory traversal vulnerability in minion id validation in SaltStack ...)
- - salt <unfixed> (bug #879089)
+ - salt 2016.11.8+dfsg1-1 (bug #879089)
NOTE: Fixed by: https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
NOTE: Fixed by: https://github.com/saltstack/salt/commit/206ae23f15cb7ec95a07dee4cbe9802da84f9c42 (2016.11)
CVE-2017-14694 (Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...)
@@ -16682,7 +16682,7 @@
CVE-2017-12792 (Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP ...)
NOT-FOR-US: NexusPHP
CVE-2017-12791 (Directory traversal vulnerability in minion id validation in SaltStack ...)
- - salt <unfixed> (bug #872399)
+ - salt 2016.11.8+dfsg1-1 (bug #872399)
[stretch] - salt <no-dsa> (Minor issue)
[jessie] - salt <no-dsa> (Minor issue)
NOTE: https://github.com/saltstack/salt/pull/42944
More information about the Secure-testing-commits
mailing list