[Secure-testing-commits] r53786 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Jul 22 09:59:02 UTC 2017
Author: jmm
Date: 2017-07-22 09:59:02 +0000 (Sat, 22 Jul 2017)
New Revision: 53786
Modified:
data/CVE/list
Log:
mark one gitlab issue as n/a
NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-22 09:31:20 UTC (rev 53785)
+++ data/CVE/list 2017-07-22 09:59:02 UTC (rev 53786)
@@ -203,9 +203,8 @@
NOT-FOR-US: Sitecore
CVE-2017-11438 [Projects in subgroups authorization bypass with SQL wildcards]
RESERVED
- - gitlab <undetermined>
+ - gitlab <not-affected> (Only affects 8.5 onwards)
NOTE: https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/
- TODO: check, claimed to not affect 8.17.x so possibly as well not our versions
CVE-2017-11437 [Unauthorized repository access by using project mirrors and CI]
RESERVED
- gitlab <unfixed>
@@ -77715,7 +77714,7 @@
CVE-2015-3422 (Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 ...)
NOT-FOR-US: SearchBlox
CVE-2015-3421 (The eshop_checkout function in checkout.php in the Wordpress Eshop ...)
- TODO: check
+ NOT-FOR-US: Wordpress Eshop
CVE-2015-3419
RESERVED
CVE-2015-3413
More information about the Secure-testing-commits
mailing list