[Secure-testing-commits] r53891 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jul 25 10:05:48 UTC 2017


Author: jmm
Date: 2017-07-25 10:05:48 +0000 (Tue, 25 Jul 2017)
New Revision: 53891

Modified:
   data/CVE/list
Log:
nodejs CVEfied
phpmyadmin / phpldapadmin no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-25 09:45:52 UTC (rev 53890)
+++ data/CVE/list	2017-07-25 10:05:48 UTC (rev 53891)
@@ -283,8 +283,11 @@
 	NOT-FOR-US: NixOS
 CVE-2017-11500 (A directory traversal vulnerability exists in MetInfo 5.3.17. A remote ...)
 	NOT-FOR-US: MetInfo
-CVE-2017-11499
+CVE-2017-11499 [nodejs hash seed]
 	RESERVED
+	- nodejs 4.8.4~dfsg-1 (bug #868162; unimportant)
+	NOTE: https://nodejs.org/en/blog/release/v6.11.1/
+	NOTE: https://nodejs.org/en/blog/release/v4.8.4/
 CVE-2017-11498
 	RESERVED
 CVE-2017-11497
@@ -1055,10 +1058,6 @@
 	RESERVED
 CVE-2017-11185
 	RESERVED
-CVE-2017-XXXX [nodejs hash seed]
-	- nodejs 4.8.4~dfsg-1 (bug #868162; unimportant)
-	NOTE: https://nodejs.org/en/blog/release/v6.11.1/
-	NOTE: https://nodejs.org/en/blog/release/v4.8.4/
 CVE-2017-11184
 	RESERVED
 CVE-2017-11183
@@ -1491,6 +1490,7 @@
 CVE-2017-11107 (phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the ...)
 	{DLA-1019-1}
 	- phpldapadmin <unfixed> (bug #867719)
+	[jessie] - phpldapadmin <no-dsa> (Minor issue)
 	NOTE: https://github.com/leenooks/phpLDAPadmin/issues/50
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/phpldapadmin/+bug/1701731
 CVE-2017-11106
@@ -41334,16 +41334,17 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-51/
 CVE-2016-6627 (An issue was discovered in phpMyAdmin. An attacker can determine the ...)
 	- phpmyadmin 4:4.6.4+dfsg1-1
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	[wheezy] - phpmyadmin <no-dsa> (Not critical enough)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-50/
 CVE-2016-6626 (An issue was discovered in phpMyAdmin. An attacker could redirect a ...)
 	{DLA-757-1}
 	- phpmyadmin 4:4.6.4+dfsg1-1
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	[wheezy] - phpmyadmin <not-affected> (Vulnerable code not present)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-49/
 CVE-2016-6625 (An issue was discovered in phpMyAdmin. An attacker can determine ...)
-	- phpmyadmin 4:4.6.4+dfsg1-1
-	[wheezy] - phpmyadmin <no-dsa> (Not critical enough)
+	- phpmyadmin 4:4.6.4+dfsg1-1 (unimportant)
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-48/
 	NOTE: The solution is to remove a configuration option. This option
 	NOTE: is by default disabled so a default installation is not
@@ -41353,10 +41354,12 @@
 	NOTE: solved for wheezy.
 CVE-2016-6624 (An issue was discovered in phpMyAdmin involving improper enforcement ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-47/
 CVE-2016-6623 (An issue was discovered in phpMyAdmin. An authorized user can cause a ...)
 	{DLA-626-1}
+	[jessie] - phpmyadmin <no-dsa> (Minor issue)
 	- phpmyadmin 4:4.6.4+dfsg1-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-46/
 CVE-2016-6622 (An issue was discovered in phpMyAdmin. An unauthenticated user is able ...)




More information about the Secure-testing-commits mailing list