[Secure-testing-commits] r57227 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Nov 2 06:50:04 UTC 2017
Author: carnil
Date: 2017-11-02 06:50:04 +0000 (Thu, 02 Nov 2017)
New Revision: 57227
Modified:
data/CVE/list
Log:
Check status for CVE-2017-14063, update status for all suites
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-02 05:58:30 UTC (rev 57226)
+++ data/CVE/list 2017-11-02 06:50:04 UTC (rev 57227)
@@ -6793,10 +6793,7 @@
CVE-2016-10508 (Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() ...)
NOT-FOR-US: phpThumb
CVE-2017-14063 (Async Http Client (aka async-http-client) before 2.0.35 can be tricked ...)
- - async-http-client <undetermined>
- [stretch] - async-http-client <not-affected> (vulnerable code not present)
- [jessie] - async-http-client <not-affected> (vulnerable code not present)
- [wheezy] - async-http-client <not-affected> (vulnerable code not present)
+ - async-http-client <not-affected> (Vulnerable code introduced later after port to new Request API)
NOTE: https://github.com/AsyncHttpClient/async-http-client/issues/1455
NOTE: https://github.com/AsyncHttpClient/async-http-client/commit/eb9e3347e45319be494db24d285a2aee4396f5d3
CVE-2017-14050 (In BlackCat CMS 1.2, backend/addons/install.php allows remote ...)
More information about the Secure-testing-commits
mailing list