[Secure-testing-commits] r57991 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 24 11:23:10 UTC 2017
Author: carnil
Date: 2017-11-24 11:23:10 +0000 (Fri, 24 Nov 2017)
New Revision: 57991
Modified:
data/CVE/list
Log:
Add CVE-2016-10700/cacti, incomplete fix for CVE-2016-2313
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-24 11:15:52 UTC (rev 57990)
+++ data/CVE/list 2017-11-24 11:23:10 UTC (rev 57991)
@@ -12,7 +12,12 @@
CVE-2017-16933 (etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.0 has a chown ...)
TODO: check
CVE-2016-10700 (auth_login.php in Cacti before 1.0.0 allows remote authenticated users ...)
- TODO: check
+ - cacti 0.8.8h+ds1-5 (bug #833420)
+ [jessie] - cacti 0.8.8b+dfsg-8+deb8u6
+ [wheezy] - cacti 0.8.8a+dfsg-5+deb7u9
+ NOTE: https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697
+ NOTE: https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846
+ NOTE: Fix for the incomplete fix for CVE-2016-2313
CVE-2017-16932 (parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in ...)
- libxml2 <unfixed>
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759579
More information about the Secure-testing-commits
mailing list