[Secure-testing-commits] r51243 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 1 13:51:59 UTC 2017
Author: carnil
Date: 2017-05-01 13:51:59 +0000 (Mon, 01 May 2017)
New Revision: 51243
Modified:
data/CVE/list
Log:
Add CVE-2017-6519/avahi, mark as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-01 13:30:33 UTC (rev 51242)
+++ data/CVE/list 2017-05-01 13:51:59 UTC (rev 51243)
@@ -5034,7 +5034,11 @@
CVE-2017-6520 (The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 ...)
NOT-FOR-US: Multicast DNS (mDNS) responder used in BOSE Soundtouch 30
CVE-2017-6519 (avahi-daemon in Avahi through 0.6.32 inadvertently responds to IPv6 ...)
- TODO: check
+ - avahi <unfixed>
+ [jessie] - avahi <no-dsa> (Minor issue)
+ NOTE: Task can be performed by blocking at the perimeter UDP port 5353 both for
+ NOTE: incoming and outgoing connections.
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1426712
CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in ...)
NOT-FOR-US: SanaCMS
CVE-2017-6517 (Microsoft Skype 7.16.0.102 contains a vulnerability that could allow ...)
More information about the Secure-testing-commits
mailing list