[Secure-testing-commits] r56168 - in data: CVE DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 26 19:45:56 UTC 2017
Author: carnil
Date: 2017-09-26 19:45:56 +0000 (Tue, 26 Sep 2017)
New Revision: 56168
Modified:
data/CVE/list
data/DSA/list
Log:
Add workaround entries until CVEs assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-26 19:43:18 UTC (rev 56167)
+++ data/CVE/list 2017-09-26 19:45:56 UTC (rev 56168)
@@ -1,5 +1,8 @@
CVE-2017-XXXX [Git cvsserver OS Command Injection]
- git 1:2.14.2-1 (bug #876854)
+ [stretch] - git 1:2.11.0-3+deb9u2
+ [jessie] - git 1:2.1.4-2.1+deb8u5
+ NOTE: Workaround entries for DSA-3984-1 until CVE(s) assigned
NOTE: http://www.openwall.com/lists/oss-security/2017/09/26/9
NOTE: https://public-inbox.org/git/xmqqy3p29ekj.fsf@gitster.mtv.corp.google.com/T/#u
CVE-2017-14744 (UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element. ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2017-09-26 19:43:18 UTC (rev 56167)
+++ data/DSA/list 2017-09-26 19:45:56 UTC (rev 56168)
@@ -1,6 +1,6 @@
[26 Sep 2017] DSA-3984-1 git - security update
- [jessie] - git 1:2.1.4-2.1+deb8u5 (bug #876854)
- [stretch] - git 1:2.11.0-3+deb9u2 (bug #876854)
+ [jessie] - git 1:2.1.4-2.1+deb8u5
+ [stretch] - git 1:2.11.0-3+deb9u2
[22 Sep 2017] DSA-3983-1 samba - security update
{CVE-2017-12150 CVE-2017-12151 CVE-2017-12163}
[jessie] - samba 2:4.2.14+dfsg-0+deb8u8
More information about the Secure-testing-commits
mailing list