[Secure-testing-commits] r51807 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 22 04:19:39 UTC 2017
Author: carnil
Date: 2017-05-22 04:19:39 +0000 (Mon, 22 May 2017)
New Revision: 51807
Modified:
data/CVE/list
Log:
Add CVE-2014-9970/jasypt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-22 02:46:04 UTC (rev 51806)
+++ data/CVE/list 2017-05-22 04:19:39 UTC (rev 51807)
@@ -39,7 +39,8 @@
CVE-2017-9101 (import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows ...)
TODO: check
CVE-2014-9970 (jasypt before 1.9.2 allows a timing attack against the password hash ...)
- TODO: check
+ - jasypt 1.9.2-1
+ NOTE: https://sourceforge.net/p/jasypt/code/668/
CVE-2017-9100 (login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote ...)
NOT-FOR-US: D-Link
CVE-2017-XXXX [buffer overflow in output option commandline argument (VL-ID 2068)]
More information about the Secure-testing-commits
mailing list