[Secure-testing-commits] r51704 - in data: CVE DLA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 17 19:07:49 UTC 2017
Author: carnil
Date: 2017-05-17 19:07:49 +0000 (Wed, 17 May 2017)
New Revision: 51704
Modified:
data/CVE/list
data/DLA/list
Log:
CVE assigned for deluge
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-17 19:06:24 UTC (rev 51703)
+++ data/CVE/list 2017-05-17 19:07:49 UTC (rev 51704)
@@ -216,10 +216,8 @@
NOTE: https://github.com/VirusTotal/yara/commit/053e67e3ec81cc9268ce30eaf0d6663d8639ed1e
CVE-2017-8928 (mailcow 0.14, as used in "mailcow: dockerized" and other products, has ...)
NOT-FOR-US: mailcow
-CVE-2017-XXXX [deluge-webui: directory traversal attack vulnerability]
+CVE-2017-9031 [deluge-webui: directory traversal attack vulnerability]
- deluge 1.3.13+git20161130.48cedf63-3 (bug #862611)
- [wheezy] - deluge 1.3.3-2+nmu1+deb7u2
- NOTE: Workaround entry for DLA-943-1 until CVE assigned
NOTE: http://dev.deluge-torrent.org/wiki/ReleaseNotes/1.3.15
NOTE: Fixed by: http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=41acade01ae88f7b7bbdba308a0886771aa582fd
CVE-2017-8934 (PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local ...)
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2017-05-17 19:06:24 UTC (rev 51703)
+++ data/DLA/list 2017-05-17 19:07:49 UTC (rev 51704)
@@ -5,6 +5,7 @@
{CVE-2017-7479}
[wheezy] - openvpn 2.2.1-8+deb7u4
[16 May 2017] DLA-943-1 deluge - security update
+ {CVE-2017-9031}
[wheezy] - deluge 1.3.3-2+nmu1+deb7u2
[15 May 2017] DLA-942-1 jbig2dec - security update
{CVE-2017-7885 CVE-2017-7975 CVE-2017-7976}
More information about the Secure-testing-commits
mailing list