[Secure-testing-commits] r51418 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 8 19:20:08 UTC 2017
Author: carnil
Date: 2017-05-08 19:20:08 +0000 (Mon, 08 May 2017)
New Revision: 51418
Modified:
data/CVE/list
Log:
Update CVE-2017-4966/rabbitmq-server
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-08 18:50:54 UTC (rev 51417)
+++ data/CVE/list 2017-05-08 19:20:08 UTC (rev 51418)
@@ -11579,9 +11579,13 @@
CVE-2017-4967
RESERVED
- rabbitmq-server <unfixed>
-CVE-2017-4966
+CVE-2017-4966 [authentication details are stored in browser-local storage without expiration]
RESERVED
- rabbitmq-server <unfixed>
+ [jessie] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
+ [wheezy] - rabbitmq-server <not-affected> (Vulnerable code introduced later)
+ NOTE: Fixed by: https://github.com/rabbitmq/rabbitmq-management/commit/2371633f99ad0d293899384f078872ff9e9f3e10 (rabbitmq_v3_6_9)
+ NOTE: Introduced by: https://github.com/rabbitmq/rabbitmq-management/commit/ced47b0bdca862a58e8f31833643e948655f8368 (rabbitmq_v3_4_0)
CVE-2017-4965
RESERVED
- rabbitmq-server <unfixed>
More information about the Secure-testing-commits
mailing list