[Secure-testing-commits] r48024 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 14 10:46:19 UTC 2017
Author: carnil
Date: 2017-01-14 10:46:19 +0000 (Sat, 14 Jan 2017)
New Revision: 48024
Modified:
data/CVE/list
Log:
src:dotclear removed from stable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-14 10:28:51 UTC (rev 48023)
+++ data/CVE/list 2017-01-14 10:46:19 UTC (rev 48024)
@@ -5204,7 +5204,6 @@
RESERVED
CVE-2016-9891 (Cross-site scripting (XSS) vulnerability in admin/media.php and ...)
- dotclear <removed>
- [jessie] - dotclear <no-dsa> (Minor issue, will be removed from stable)
CVE-2016-9890
RESERVED
CVE-2016-9889 (Some forms with the parameter geo_zoomlevel_to_found_location in Tiki ...)
@@ -13290,7 +13289,6 @@
RESERVED
CVE-2016-9268 (Unrestricted file upload vulnerability in the Blog appearance in the ...)
- dotclear <removed>
- [jessie] - dotclear <no-dsa> (Minor issue)
NOTE: http://dev.dotclear.org/2.0/changeset/445e9ff79a1fa81033591761d6a340e219d159b2
NOTE: http://dev.dotclear.org/2.0/ticket/2214
CVE-2016-9267
@@ -18031,11 +18029,9 @@
RESERVED
CVE-2016-7903 (Dotclear before 2.10.3, when the Host header is not part of the web ...)
- dotclear <removed>
- [jessie] - dotclear <no-dsa> (Minor issue)
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/bb06343f4247
CVE-2016-7902 (Unrestricted file upload vulnerability in the fileUnzip->unzip method ...)
- dotclear <removed>
- [jessie] - dotclear <no-dsa> (Minor issue)
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/a9db771a5a70
CVE-2016-7901
REJECTED
@@ -22175,7 +22171,6 @@
NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e
CVE-2016-6523 (Multiple cross-site scripting (XSS) vulnerabilities in the media ...)
- dotclear <removed>
- [jessie] - dotclear <no-dsa> (Minor issue)
NOTE: Fixed by: https://hg.dotclear.org/dotclear/rev/40d0207e520d
CVE-2016-6522
RESERVED
@@ -29836,7 +29831,6 @@
NOTE: https://github.com/mm2/Little-CMS/commit/fefaaa43c382eee632ea3ad0cfa915335140e1db#diff-189a94f0a7a47efdd43f5567e27a973b
CVE-2016-XXXX [XSS]
- dotclear <removed>
- [jessie] - dotclear <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9
CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...)
{DSA-3607-1 DLA-516-1}
@@ -34154,7 +34148,6 @@
CVE-2015-8832 [media exclusion control enforcement]
RESERVED
- dotclear <removed> (bug #815979)
- [jessie] - dotclear <no-dsa> (Minor issue; workaround possible; can be fixed via a point release)
NOTE: https://hg.dotclear.org/dotclear/rev/198580bc3d80
NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2
NOTE: Fixed upstream in 2.8.2
@@ -34162,7 +34155,6 @@
CVE-2015-8831 [potential XSS vulnerability in comments's list]
RESERVED
- dotclear <removed> (bug #815979)
- [jessie] - dotclear <no-dsa> (Minor issue; can be fixed via a point release)
NOTE: https://hg.dotclear.org/dotclear/rev/65e65154dadf
NOTE: https://dotclear.org/blog/post/2015/10/25/Dotclear-2.8.2
NOTE: Fixed upstream in 2.8.2
@@ -52109,7 +52101,6 @@
NOT-FOR-US: Python on Windows
CVE-2015-5651 (Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 ...)
- dotclear <removed> (bug #815979)
- [jessie] - dotclear <no-dsa> (Minor issue)
NOTE: http://dotclear.org/blog/post/2015/09/23/Dotclear-2.8.1
CVE-2015-5650 (Directory traversal vulnerability in AjaXplorer 2.0 allows remote ...)
TODO: check
More information about the Secure-testing-commits
mailing list