[Secure-testing-commits] r58815 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Dec 21 19:28:43 UTC 2017
Author: jmm
Date: 2017-12-21 19:28:42 +0000 (Thu, 21 Dec 2017)
New Revision: 58815
Modified:
data/CVE/list
Log:
one otrs issue ignored
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 19:28:08 UTC (rev 58814)
+++ data/CVE/list 2017-12-21 19:28:42 UTC (rev 58815)
@@ -27654,7 +27654,6 @@
RESERVED
CVE-2017-10908 [h2o 2.2.x: crash when handling malformed HTTP/2 request]
- h2o 2.2.4+dfsg-1 (medium)
- NOTE: fixed in 2.2.4
NOTE: https://github.com/h2o/h2o/issues/1544
CVE-2017-10907
RESERVED
@@ -27728,7 +27727,6 @@
NOT-FOR-US: OpenAM
CVE-2017-10872 [h2o: 2.2.x: crash when logging TLS 1.3 properties in h2o]
- h2o 2.2.4+dfsg-1 (medium)
- NOTE: Fixed in 2.2.4
NOTE: https://github.com/h2o/h2o/issues/1543
CVE-2017-10871 (Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version ...)
NOT-FOR-US: NTT DOCOMO Wi-Fi STATION L-02F Software
@@ -27736,11 +27734,9 @@
NOT-FOR-US: Rakuraku Hagaki
CVE-2017-10869 [h2o 2.2.x: stack overflow when sending huge request body to upstream]
- h2o 2.2.3+dfsg-1 (medium)
- NOTE: Fixed in 2.2.3
NOTE: https://github.com/h2o/h2o/issues/1460
CVE-2017-10868 [h2o 2.2.x: crash when receiving HTTP/1 request with invalid framing]
- h2o 2.2.3+dfsg-1 (medium)
- NOTE: Fixed in 2.2.3
NOTE: https://github.com/h2o/h2o/issues/1459
CVE-2017-10867
RESERVED
@@ -60684,7 +60680,7 @@
CVE-2016-9139 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
{DLA-787-1}
- otrs2 5.0.14-1 (bug #843091)
- [jessie] - otrs2 <no-dsa> (Minor issue)
+ [jessie] - otrs2 <ignored> (Minor issue)
NOTE: https://www.otrs.com/security-advisory-2016-02-security-update-otrs/
NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/5
NOTE: upstream fix likely https://github.com/OTRS/otrs/commit/6578a8bcf82529461302291ab3fcb500363b005a
More information about the Secure-testing-commits
mailing list