[Secure-testing-commits] r57625 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Tue Nov 14 16:56:12 UTC 2017


Author: hertzog
Date: 2017-11-14 16:56:12 +0000 (Tue, 14 Nov 2017)
New Revision: 57625

Modified:
   data/CVE/list
Log:
Update data for CVE-2017-10672

* experimental entry is no longer required
* update pull request URL to the one that got merged

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-14 16:48:41 UTC (rev 57624)
+++ data/CVE/list	2017-11-14 16:56:12 UTC (rev 57625)
@@ -17531,10 +17531,9 @@
 CVE-2017-10673 (admin/profile.php in GetSimple CMS 3.x has XSS in a name field. ...)
 	NOT-FOR-US: GetSimple CMS
 CVE-2017-10672 (Use-after-free in the XML-LibXML module through 2.0129 for Perl allows ...)
-	[experimental] - libxml-libxml-perl 2.0128+dfsg-4
 	- libxml-libxml-perl 2.0128+dfsg-5 (bug #866676)
 	NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=122246
-	NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/9
+	NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/8
 CVE-2017-10671 (Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in ...)
 	- thttpd <removed>
 CVE-2017-10670 (An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used ...)




More information about the Secure-testing-commits mailing list