[Secure-testing-commits] r58928 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 26 10:01:07 UTC 2017
Author: carnil
Date: 2017-12-26 10:01:07 +0000 (Tue, 26 Dec 2017)
New Revision: 58928
Modified:
data/CVE/list
Log:
Update information for CVE-2017-17536/phabricator
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-26 09:10:19 UTC (rev 58927)
+++ data/CVE/list 2017-12-26 10:01:07 UTC (rev 58928)
@@ -5526,7 +5526,11 @@
CVE-2018-1341
RESERVED
CVE-2017-17536 (Phabricator before 2017-11-10 does not block the --config and ...)
- - phabricator <unfixed>
+ - phabricator <unfixed> (unimportant)
+ NOTE: Fixed by: https://github.com/phacility/phabricator/commit/a7921a4448093d00defa8bd18f35b8c8f8bf3314
+ NOTE: Starting with 0~git20160726-3 the Phabricator package is not built
+ NOTE: The issue is unfixed in the source up to 0~git20170812-1
+ NOTE: Fixed in 0~git20171202-1 (not yet accepted from NEW)
CVE-2017-17535 (lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before ...)
- gjots2 <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/gjots2/2.4.1-2/lib/gui.py/?hl=2188#L2188
More information about the Secure-testing-commits
mailing list