[Secure-testing-commits] r58043 - data/CVE

[Paul Wise]

Author: pabs
Date: 2017-11-27 04:14:21 +0000 (Mon, 27 Nov 2017)
New Revision: 58043

Modified:
   data/CVE/list
Log:
mistune: two vulnerabilities

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-27 02:25:28 UTC (rev 58042)
+++ data/CVE/list	2017-11-27 04:14:21 UTC (rev 58043)
@@ -1,3 +1,6 @@
+CVE-2017-XXXX [XSS vulnerability]
+	- mistune 0.8-1
+	NOTE: https://github.com/lepture/mistune/commit/d6f0b6402299bf5a380e7b4e77bd80e8736630fe
 CVE-2017-16947
 	RESERVED
 CVE-2017-16946 (The admin_edit function in app/Controller/UsersController.php in MISP ...)
@@ -273,6 +276,8 @@
 	NOT-FOR-US: ZEIT Next.js
 CVE-2017-16876
 	RESERVED
+	- mistune 0.8.1-1
+	NOTE: https://github.com/lepture/mistune/commit/5f06d724bc05580e7f203db2d4a4905fc1127f98
 CVE-2017-16875 (An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in ...)
 	- pjproject 2.7.1~dfsg-1
 	NOTE: https://trac.pjsip.org/repos/ticket/2055