[Secure-testing-commits] r56966 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Wed Oct 25 16:46:31 UTC 2017
Author: hertzog
Date: 2017-10-25 16:46:31 +0000 (Wed, 25 Oct 2017)
New Revision: 56966
Modified:
data/CVE/list
Log:
zoneminder issues are fixed in unstable
Chris Lamb checked that the CVE have been fixed upstream:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733#53
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-25 15:32:12 UTC (rev 56965)
+++ data/CVE/list 2017-10-25 16:46:31 UTC (rev 56966)
@@ -25517,8 +25517,9 @@
CVE-2017-7204 (A Cross-Site Scripting (XSS) was discovered in imdbphp 5.1.1. The ...)
NOT-FOR-US: imdbphp
CVE-2017-7203 (A Cross-Site Scripting (XSS) was discovered in ZoneMinder 1.30.2. The ...)
- - zoneminder <unfixed> (bug #858329)
+ - zoneminder 1.30.4+dfsg-1 (bug #858329)
NOTE: https://github.com/ZoneMinder/ZoneMinder/issues/1797
+ NOTE: Fixed in 1.30.2 upstream.
CVE-2017-7202 (Multiple Cross-Site Scripting (XSS) were discovered in SLiMS 7 Cendana ...)
NOT-FOR-US: SLiMS
CVE-2017-7201
@@ -29417,29 +29418,23 @@
NOTE: Patch: https://github.com/irssi/irssi/pull/619/commits/677fb1f55ca52d0e43c93f7d8361d333ff5bffd6
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/02/05/8
CVE-2016-10206 (Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...)
- - zoneminder <unfixed> (bug #854272)
+ - zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10205 (Session fixation vulnerability in Zoneminder 1.30 and earlier allows ...)
- - zoneminder <unfixed> (bug #854272)
+ - zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10204 (SQL injection vulnerability in Zoneminder 1.30 and earlier allows ...)
- - zoneminder <unfixed> (bug #854272)
+ - zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10203 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
- - zoneminder <unfixed> (bug #854272)
+ - zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10202 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
- - zoneminder <unfixed> (bug #854272)
+ - zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10201 (Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...)
- - zoneminder <unfixed> (bug #854272)
+ - zoneminder 1.30.4+dfsg-1 (bug #854272)
[jessie] - zoneminder <no-dsa> (Minor issue)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10208 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
- linux 4.9.10-1
[jessie] - linux 3.16.43-1
@@ -31421,11 +31416,9 @@
CVE-2017-5369
RESERVED
CVE-2017-5368 (ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, ...)
- - zoneminder <unfixed> (bug #854733)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
+ - zoneminder 1.30.4+dfsg-1 (bug #854733)
CVE-2017-5367 (Multiple reflected XSS vulnerabilities exist within form and link input ...)
- - zoneminder <unfixed> (bug #854733)
- TODO: check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
+ - zoneminder 1.30.4+dfsg-1 (bug #854733)
CVE-2017-5366
RESERVED
CVE-2017-5365
More information about the Secure-testing-commits
mailing list