[Secure-testing-commits] r50207 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Thu Mar 30 19:05:49 UTC 2017
Author: anarcat
Date: 2017-03-30 19:05:49 +0000 (Thu, 30 Mar 2017)
New Revision: 50207
Modified:
data/CVE/list
Log:
report issues for CVE-2016-10127 and CVE-2016-1566
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-30 18:54:18 UTC (rev 50206)
+++ data/CVE/list 2017-03-30 19:05:49 UTC (rev 50207)
@@ -6421,7 +6421,7 @@
CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded ...)
NOT-FOR-US: D-Link
CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity (XXE) ...)
- - python-pysaml2 <unfixed>
+ - python-pysaml2 <unfixed> (bug #859135)
[jessie] - python-pysaml2 <no-dsa> (Minor issue)
NOTE: https://github.com/rohe/pysaml2/issues/366
NOTE: A proper fix for this issue would be to fix the underlying issue in src:libxml2
@@ -45460,7 +45460,7 @@
NOTE: Fix for 2.x http://git.tuxfamily.org/chrony/chrony.git/commit/?id=a78bf9725a7b481ebff0e0c321294ba767f2c1d8
NOTE: Fix for 1.x http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=df46e5ca5d70be1c0ae037f96b4b038362703832
CVE-2016-1566 (Cross-site scripting (XSS) vulnerability in the file browser in ...)
- - guacamole-client <unfixed>
+ - guacamole-client <unfixed> (bug #859136)
[jessie] - guacamole-client <not-affected> (Vulnerable code not present)
- guacamole <not-affected> (Vulnerable code not present)
CVE-2016-1565 (Cross-site scripting (XSS) vulnerability in the Field Group module ...)
More information about the Secure-testing-commits
mailing list