[Secure-testing-commits] r47854 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 9 21:18:44 UTC 2017
Author: carnil
Date: 2017-01-09 21:18:44 +0000 (Mon, 09 Jan 2017)
New Revision: 47854
Modified:
data/CVE/list
Log:
Update CVE-2016-10034 information
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-09 20:58:37 UTC (rev 47853)
+++ data/CVE/list 2017-01-09 21:18:44 UTC (rev 47854)
@@ -2853,8 +2853,7 @@
CVE-2016-10035
RESERVED
CVE-2016-10034 (The setFrom function in the Sendmail adapter in the zend-mail ...)
- - zendframework <unfixed> (bug #850215)
- [wheezy] - zendframework <not-affected> (Vulnerable code not present)
+ - zendframework <not-affected> (Vulnerable code not present in ZF1, cf. #850215)
NOTE: https://framework.zend.com/security/advisory/ZF2016-04
NOTE: https://github.com/zendframework/zendframework/commit/7c1e89815f5a9c016f4b8088e59b07cb2bf99dc0
NOTE: http://legalhackers.com/advisories/ZendFramework-Exploit-ZendMail-Remote-Code-Exec-CVE-2016-10034-Vuln.html
More information about the Secure-testing-commits
mailing list