[Secure-testing-commits] r55966 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Sep 21 09:36:15 UTC 2017
Author: carnil
Date: 2017-09-21 09:36:15 +0000 (Thu, 21 Sep 2017)
New Revision: 55966
Modified:
data/CVE/list
Log:
Add CVE-2017-14623/golang-github-go-ldap-ldap
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-21 09:31:37 UTC (rev 55965)
+++ data/CVE/list 2017-09-21 09:36:15 UTC (rev 55966)
@@ -36,7 +36,9 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/722
NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/9ff805077fd5297dc41dc989f9dba59877e12f97
CVE-2017-14623 (In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker ...)
- TODO: check
+ - golang-github-go-ldap-ldap <unfixed>
+ NOTE: https://github.com/go-ldap/ldap/pull/126
+ NOTE: https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66
CVE-2017-14622
RESERVED
CVE-2017-14621 (Portus 2.2.0 has XSS via the Team field, related to typeahead. ...)
More information about the Secure-testing-commits
mailing list