[Secure-testing-commits] r58010 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Nov 25 09:10:29 UTC 2017
Author: sectracker
Date: 2017-11-25 09:10:29 +0000 (Sat, 25 Nov 2017)
New Revision: 58010
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-25 08:27:24 UTC (rev 58009)
+++ data/CVE/list 2017-11-25 09:10:29 UTC (rev 58010)
@@ -1,3 +1,7 @@
+CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...)
+ TODO: check
+CVE-2017-16940
+ RESERVED
CVE-2017-16939 (The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the ...)
- linux 4.13.13-1
NOTE: Fixed by: https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2
@@ -3528,6 +3532,7 @@
CVE-2017-15806 (The send function in the ezcMailMtaTransport class in Zeta Components ...)
NOT-FOR-US: Zeta Components Mail
CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full function in ...)
+ {DLA-1191-1}
- python-werkzeug 0.11.11+dfsg1-1
NOTE: http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
NOTE: https://github.com/pallets/werkzeug/pull/1001
More information about the Secure-testing-commits
mailing list