[Secure-testing-commits] r58788 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 21 12:27:39 UTC 2017
Author: carnil
Date: 2017-12-21 12:27:39 +0000 (Thu, 21 Dec 2017)
New Revision: 58788
Modified:
data/CVE/list
Log:
Update CVe-2017-17831/git-lfs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 12:25:34 UTC (rev 58787)
+++ data/CVE/list 2017-12-21 12:27:39 UTC (rev 58788)
@@ -1,6 +1,7 @@
CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute ...)
- - git-lfs <unfixed>
- TODO: check
+ - git-lfs <not-affected> (Fixed before initial upload to Debian)
+ NOTE: https://github.com/git-lfs/git-lfs/pull/2242
+ NOTE: https://github.com/git-lfs/git-lfs/releases/tag/v2.1.1
CVE-2017-17830 (Bus Booking Script has CSRF via admin/new_master.php. ...)
NOT-FOR-US: Bus Booking Script
CVE-2017-17829 (Bus Booking Script has SQL Injection via the admin/view_seatseller.php ...)
More information about the Secure-testing-commits
mailing list