[Secure-testing-commits] r57634 - data/CVE

Paul Mathijs Gevers elbrus at moszumanska.debian.org
Tue Nov 14 20:26:40 UTC 2017 

Author: elbrus
Date: 2017-11-14 20:26:40 +0000 (Tue, 14 Nov 2017)
New Revision: 57634

Modified:
   data/CVE/list
Log:
[cacti] Update CVE-2017-16660 and CVE-2017-16661 with unaffected versions

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-14 20:16:41 UTC (rev 57633)
+++ data/CVE/list	2017-11-14 20:26:40 UTC (rev 57634)
@@ -92,8 +92,8 @@
 	[jessie] - cacti <not-affected> (Vulnerable code does not exist)
 	[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
 	NOTE: https://github.com/Cacti/cacti/issues/1071
-    NOTE: this is more or less a dublicate of CVE-2017-16641
-    NOTE: one of the applied patches reopened the vulnerability
+	NOTE: this is more or less a dublicate of CVE-2017-16641
+	NOTE: one of the applied patches reopened the vulnerability
 CVE-2017-16779
 	RESERVED
 CVE-2017-16778
@@ -417,12 +417,18 @@
 	NOTE: https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1
 CVE-2017-16661 (Cacti 1.1.27 allows remote authenticated administrators to read ...)
 	- cacti <unfixed>
+	[stretch] - cacti <not-affected> (Vulnerable code does not exist)
+	[jessie] - cacti <not-affected> (Vulnerable code does not exist)
 	[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
 	NOTE: https://github.com/Cacti/cacti/issues/1066
+	NOTE: affected code was introduced in the 1.x release
 CVE-2017-16660 (Cacti 1.1.27 allows remote authenticated administrators to conduct ...)
 	- cacti <unfixed>
+	[stretch] - cacti <not-affected> (Vulnerable code does not exist)
+	[jessie] - cacti <not-affected> (Vulnerable code does not exist)
 	[wheezy] - cacti <not-affected> (Vulnerable code does not exist)
 	NOTE: https://github.com/Cacti/cacti/issues/1066
+	NOTE: affected code was introduced in the 1.x release
 CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...)
 	- cacti <unfixed> (bug #881110)
 	NOTE: https://github.com/Cacti/cacti/issues/1057

More information about the Secure-testing-commits mailing list