[Secure-testing-commits] r57039 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 27 19:06:04 UTC 2017
Author: carnil
Date: 2017-10-27 19:06:04 +0000 (Fri, 27 Oct 2017)
New Revision: 57039
Modified:
data/CVE/list
Log:
Update status for CVE-2016-10516/python-werkzeug
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-27 18:56:52 UTC (rev 57038)
+++ data/CVE/list 2017-10-27 19:06:04 UTC (rev 57039)
@@ -250,7 +250,10 @@
CVE-2017-15806
RESERVED
CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full function in ...)
- - python-werkzeug <undetermined>
+ - python-werkzeug 0.11.11+dfsg1-1
+ NOTE: http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
+ NOTE: https://github.com/pallets/werkzeug/pull/1001
+ NOTE: https://github.com/pallets/werkzeug/commit/1034edc7f901dd645ec6e462754111b39002bd65
CVE-2017-15805 (Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and ...)
NOT-FOR-US: Cisco
CVE-2017-15804 (The glob function in glob.c in the GNU C Library (aka glibc or libc6) ...)
More information about the Secure-testing-commits
mailing list