[Secure-testing-commits] r55825 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Sep 17 09:17:12 UTC 2017
Author: carnil
Date: 2017-09-17 09:17:12 +0000 (Sun, 17 Sep 2017)
New Revision: 55825
Modified:
data/CVE/list
Log:
Add CVE-2017-14500/newsbeuter
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-17 09:10:13 UTC (rev 55824)
+++ data/CVE/list 2017-09-17 09:17:12 UTC (rev 55825)
@@ -1,5 +1,9 @@
CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS Command in ...)
- TODO: check
+ - newsbeuter <unfixed>
+ NOTE: http://openwall.com/lists/oss-security/2017/09/16/1
+ NOTE: https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333
+ NOTE: https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260
+ NOTE: https://github.com/akrennmair/newsbeuter/issues/598
CVE-2017-14499
RESERVED
CVE-2017-14498 (SilverStripe CMS before 3.6.1 has XSS via an SVG document that is ...)
More information about the Secure-testing-commits
mailing list