[Secure-testing-commits] r53514 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 15 19:30:14 UTC 2017
Author: carnil
Date: 2017-07-15 19:30:14 +0000 (Sat, 15 Jul 2017)
New Revision: 53514
Modified:
data/CVE/list
Log:
Add upstream bug for CVE-2017-1000071
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-15 18:56:29 UTC (rev 53513)
+++ data/CVE/list 2017-07-15 19:30:14 UTC (rev 53514)
@@ -484,6 +484,7 @@
CVE-2017-1000071 (Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass ...)
- php-cas <unfixed>
[wheezy] - php-cas <no-dsa> (Minor issue, only works with old CAS server)
+ NOTE: https://github.com/Jasig/phpCAS/issues/228
NOTE: The vulnerability only exists when the server is affected by
NOTE: another very old vulnerability fixed in 2010.
CVE-2017-1000070 (The Bitly oauth2_proxy in version 2.1 and earlier was affected by an ...)
More information about the Secure-testing-commits
mailing list