[Secure-testing-commits] r48735 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Feb 6 14:47:51 UTC 2017
Author: jmm
Date: 2017-02-06 14:47:51 +0000 (Mon, 06 Feb 2017)
New Revision: 48735
Modified:
data/CVE/list
Log:
new libapache2-mod-auth-openidc issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-06 09:10:11 UTC (rev 48734)
+++ data/CVE/list 2017-02-06 14:47:51 UTC (rev 48735)
@@ -1,3 +1,9 @@
+CVE-2017-XXXX [information leak in error messages]
+ - libapache2-mod-auth-openidc 2.1.5-1
+ NOTE: https://github.com/pingidentity/mod_auth_openidc/issues/212
+CVE-2017-XXXX [OIDCUnAuthAction pass does not scrub request headers]
+ - libapache2-mod-auth-openidc 2.1.5-1
+ NOTE: https://github.com/pingidentity/mod_auth_openidc/issues/222
CVE-2017-XXXX [irssi memory leak]
- irssi <unfixed>
[jessie] - irssi <not-affected> (support for sasl not present)
More information about the Secure-testing-commits
mailing list