[Secure-testing-commits] r58815 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Dec 21 19:28:43 UTC 2017


Author: jmm
Date: 2017-12-21 19:28:42 +0000 (Thu, 21 Dec 2017)
New Revision: 58815

Modified:
   data/CVE/list
Log:
one otrs issue ignored


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-21 19:28:08 UTC (rev 58814)
+++ data/CVE/list	2017-12-21 19:28:42 UTC (rev 58815)
@@ -27654,7 +27654,6 @@
 	RESERVED
 CVE-2017-10908 [h2o 2.2.x: crash when handling malformed HTTP/2 request]
 	- h2o 2.2.4+dfsg-1 (medium)
-	NOTE: fixed in 2.2.4
 	NOTE: https://github.com/h2o/h2o/issues/1544
 CVE-2017-10907
 	RESERVED
@@ -27728,7 +27727,6 @@
 	NOT-FOR-US: OpenAM
 CVE-2017-10872 [h2o: 2.2.x: crash when logging TLS 1.3 properties in h2o]
 	- h2o 2.2.4+dfsg-1 (medium)
-	NOTE: Fixed in 2.2.4
 	NOTE: https://github.com/h2o/h2o/issues/1543
 CVE-2017-10871 (Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version ...)
 	NOT-FOR-US: NTT DOCOMO Wi-Fi STATION L-02F Software
@@ -27736,11 +27734,9 @@
 	NOT-FOR-US: Rakuraku Hagaki
 CVE-2017-10869 [h2o 2.2.x: stack overflow when sending huge request body to upstream]
 	- h2o 2.2.3+dfsg-1 (medium)
-	NOTE: Fixed in 2.2.3
 	NOTE: https://github.com/h2o/h2o/issues/1460
 CVE-2017-10868 [h2o 2.2.x: crash when receiving HTTP/1 request with invalid framing]
 	- h2o 2.2.3+dfsg-1 (medium)
-	NOTE: Fixed in 2.2.3
 	NOTE: https://github.com/h2o/h2o/issues/1459
 CVE-2017-10867
 	RESERVED
@@ -60684,7 +60680,7 @@
 CVE-2016-9139 (Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...)
 	{DLA-787-1}
 	- otrs2 5.0.14-1 (bug #843091)
-	[jessie] - otrs2 <no-dsa> (Minor issue)
+	[jessie] - otrs2 <ignored> (Minor issue)
 	NOTE: https://www.otrs.com/security-advisory-2016-02-security-update-otrs/
 	NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/5
 	NOTE: upstream fix likely https://github.com/OTRS/otrs/commit/6578a8bcf82529461302291ab3fcb500363b005a




More information about the Secure-testing-commits mailing list