[Secure-testing-commits] r57633 - data/CVE
Paul Mathijs Gevers
elbrus at moszumanska.debian.org
Tue Nov 14 20:16:42 UTC 2017
Author: elbrus
Date: 2017-11-14 20:16:41 +0000 (Tue, 14 Nov 2017)
New Revision: 57633
Modified:
data/CVE/list
Log:
[cacti] add info for CVE-2017-16785
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-14 20:08:34 UTC (rev 57632)
+++ data/CVE/list 2017-11-14 20:16:41 UTC (rev 57633)
@@ -88,7 +88,12 @@
NOT-FOR-US: MyBB
CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. ...)
- cacti <unfixed>
+ [stretch] - cacti <not-affected> (Vulnerable code does not exist)
+ [jessie] - cacti <not-affected> (Vulnerable code does not exist)
+ [wheezy] - cacti <not-affected> (Vulnerable code does not exist)
NOTE: https://github.com/Cacti/cacti/issues/1071
+ NOTE: this is more or less a dublicate of CVE-2017-16641
+ NOTE: one of the applied patches reopened the vulnerability
CVE-2017-16779
RESERVED
CVE-2017-16778
More information about the Secure-testing-commits
mailing list