[Secure-testing-commits] r50020 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Mar 25 04:50:25 UTC 2017
Author: carnil
Date: 2017-03-25 04:50:25 +0000 (Sat, 25 Mar 2017)
New Revision: 50020
Modified:
data/CVE/list
Log:
Add bugs for firefird, #858641, #858644
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-25 04:44:33 UTC (rev 50019)
+++ data/CVE/list 2017-03-25 04:50:25 UTC (rev 50020)
@@ -2309,8 +2309,12 @@
CVE-2017-6370 (TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in ...)
NOT-FOR-US: Typo3
CVE-2017-6369 (Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 ...)
- - firebird2.5 <unfixed>
- - firebird3.0 <unfixed>
+ - firebird2.5 <unfixed> (bug #858641)
+ - firebird3.0 <unfixed> (bug #858644)
+ NOTE: http://tracker.firebirdsql.org/browse/CORE-5474
+ NOTE: Fixed by: https://github.com/FirebirdSQL/firebird/commit/8b2a9cb44bf6055e15f016d70a6842b8ada60375 (3.0)
+ NOTE: https://github.com/FirebirdSQL/firebird/commit/9d9b9e0c94e201da489d1da81f858c570d3ca6ef (2.5)
+ NOTE: https://github.com/FirebirdSQL/firebird/commit/a802126cd501f641f00d6cda12d5d9ee3ecda6f5 (2.5)
CVE-2017-6368
RESERVED
CVE-2017-6367 (In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the ...)
More information about the Secure-testing-commits
mailing list