[Secure-testing-commits] r56489 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Oct 7 09:17:36 UTC 2017


Author: carnil
Date: 2017-10-07 09:17:36 +0000 (Sat, 07 Oct 2017)
New Revision: 56489

Modified:
   data/CVE/list
Log:
Add one issue in koji

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-07 09:13:59 UTC (rev 56488)
+++ data/CVE/list	2017-10-07 09:17:36 UTC (rev 56489)
@@ -41,7 +41,9 @@
 CVE-2017-15064 (The Intel Puma 5, 6, and 7 chips, as used on various Arris devices, ...)
 	NOT-FOR-US: Intel
 CVE-2017-1002153 (Koji 1.13.0 does not properly validate SCM paths, allowing an attacker ...)
-	TODO: check
+	- koji <unfixed>
+	NOTE: https://pagure.io/koji/issue/563
+	NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
 CVE-2017-1000255
 	RESERVED
 CVE-2017-15063 (There are CSRF vulnerabilities in Subrion CMS before 4.2.0 because of a ...)




More information about the Secure-testing-commits mailing list