[Secure-testing-commits] r57225 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Wed Nov 1 23:49:13 UTC 2017
Author: apo
Date: 2017-11-01 23:49:13 +0000 (Wed, 01 Nov 2017)
New Revision: 57225
Modified:
data/CVE/list
Log:
CVE-2017-14063,async-http-client: All versions in Debian are not affected
The vulnerable code is not present.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-01 22:47:26 UTC (rev 57224)
+++ data/CVE/list 2017-11-01 23:49:13 UTC (rev 57225)
@@ -6794,6 +6794,9 @@
NOT-FOR-US: phpThumb
CVE-2017-14063 (Async Http Client (aka async-http-client) before 2.0.35 can be tricked ...)
- async-http-client <undetermined>
+ [stretch] - async-http-client <not-affected> (vulnerable code not present)
+ [jessie] - async-http-client <not-affected> (vulnerable code not present)
+ [wheezy] - async-http-client <not-affected> (vulnerable code not present)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/1455
NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/eb9e3347e45319be494db24d285a2aee4396f5d3
CVE-2017-14050 (In BlackCat CMS 1.2, backend/addons/install.php allows remote ...)
More information about the Secure-testing-commits
mailing list