[Git][security-tracker-team/security-tracker][master] Older lftp issues fixed 3.5.9 upstream (and 3.5.9-1 in unstable)
Salvatore Bonaccorso
carnil at debian.org
Wed Aug 1 04:20:14 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3cf31ec by Salvatore Bonaccorso at 2018-08-01T03:19:42Z
Older lftp issues fixed 3.5.9 upstream (and 3.5.9-1 in unstable)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -279458,7 +279458,7 @@ CVE-2007-2350 (admin/config.php in the music-on-hold module in freePBX 2.2.x all
CVE-2007-2349 (Cross-site scripting (XSS) vulnerability in Invision Power Board ...)
NOT-FOR-US: Invision Power Board
CVE-2007-2348 (mirror --script in lftp before 3.5.9 does not properly quote shell ...)
- - lftp <unfixed> (unimportant)
+ - lftp 3.5.9-1 (unimportant)
NOTE: Non-issue, also already documented as potentially risky
CVE-2007-2347 (PHP remote file inclusion vulnerability in main/forum/komentar.php in ...)
NOT-FOR-US: OneClick CMS
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3cf31ec7cf38b7d8ac21d9ba919bed925c1e377
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3cf31ec7cf38b7d8ac21d9ba919bed925c1e377
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180801/784ab333/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list