[Secure-testing-commits] r57730 - data/CVE
Chris Lamb
lamby at moszumanska.debian.org
Fri Nov 17 18:58:38 UTC 2017
Author: lamby
Date: 2017-11-17 18:58:38 +0000 (Fri, 17 Nov 2017)
New Revision: 57730
Modified:
data/CVE/list
Log:
data/CVE/list: Add note for CVE-2017-16835/pnp4nagios
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-17 18:45:51 UTC (rev 57729)
+++ data/CVE/list 2017-11-17 18:58:38 UTC (rev 57730)
@@ -355,6 +355,9 @@
CVE-2017-16834 (PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an ...)
- pnp4nagios <removed>
NOTE: https://github.com/lingej/pnp4nagios/issues/140
+ NOTE: Fixed by dh_fixperms, surely? eg.
+ NOTE: $ ls -l /etc/pnp4nagios/npcd.cfg
+ NOTE: -rw-r--r-- 1 root root 4149 Nov 25 2012 /etc/pnp4nagios/npcd.cfg
CVE-2017-16833 (Stored cross-site scripting (XSS) vulnerability in Gemirro before ...)
NOT-FOR-US: Gemirro
CVE-2017-16853 (The DynamicMetadataProvider class in ...)
More information about the Secure-testing-commits
mailing list