[Secure-testing-commits] r53475 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jul 13 21:33:23 UTC 2017


Author: carnil
Date: 2017-07-13 21:33:23 +0000 (Thu, 13 Jul 2017)
New Revision: 53475

Modified:
   data/CVE/list
Log:
Add CVE-2017-1000061/xmlsec1

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-13 21:28:14 UTC (rev 53474)
+++ data/CVE/list	2017-07-13 21:33:23 UTC (rev 53475)
@@ -451,7 +451,8 @@
 CVE-2017-1000062 (kittoframework kitto 0.5.1 is vulnerable to directory traversal in the ...)
 	TODO: check
 CVE-2017-1000061 (xmlsec 1.2.23 and before is vulnerable to XML External Entity ...)
-	TODO: check
+	- xmlsec1 <unfixed>
+	NOTE: https://github.com/lsh123/xmlsec/issues/43
 CVE-2017-1000060 (EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb ...)
 	TODO: check
 CVE-2017-1000059 (Live Helper Chat version 2.06v and older is vulnerable to Cross-Site ...)




More information about the Secure-testing-commits mailing list