[Secure-testing-commits] r53391 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jul 11 21:11:05 UTC 2017
Author: jmm
Date: 2017-07-11 21:11:05 +0000 (Tue, 11 Jul 2017)
New Revision: 53391
Modified:
data/CVE/list
Log:
mitre update on yaws
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-11 21:10:16 UTC (rev 53390)
+++ data/CVE/list 2017-07-11 21:11:05 UTC (rev 53391)
@@ -610,7 +610,9 @@
CVE-2017-10975 (Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might ...)
NOT-FOR-US: Lutim
CVE-2017-10974 (Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP ...)
- NOTE: Looks like a duplicate of CVE-2011-4350, contacted MITRE for rejection
+ - yaws 1.91-2
+ NOTE: Slightly different, additional CVE assignment which MITRE insists on, but fixed by the
+ NOTE: original patch for CVE-2011-4350
CVE-2017-10973 (In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php ...)
NOT-FOR-US: FineCMS
CVE-2017-10970 (Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 ...)
More information about the Secure-testing-commits
mailing list