[Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-1246{6,7}/open-build-service
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 3 20:01:19 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7bac6cec by Salvatore Bonaccorso at 2018-08-03T19:01:08Z
Update status for CVE-2018-1246{6,7}/open-build-service
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5911,13 +5911,15 @@ CVE-2018-12468 (A vulnerability in the administration console of Micro Focus Gro
CVE-2018-12467 (Authorized users of the openbuildservice before 2.9.4 could delete ...)
- open-build-service <undetermined>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1100217
- NOTE: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
- TODO: check
+ NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
+ NOTE: Introduced by: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
+ TODO: check if introducing commit is right and fix status
CVE-2018-12466 (openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...)
- open-build-service <undetermined>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1098934
- NOTE: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
- TODO: check
+ NOTE: Fixed by: https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063
+ NOTE: Introduced by: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
+ TODO: check if introducing commit is right and fix status
CVE-2018-12465 (An OS command injection vulnerability in the web administration ...)
NOT-FOR-US: Micro Focus
CVE-2018-12464 (A SQL injection vulnerability in the web administration and quarantine ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bac6cec9adac1b4da04a2d5537d3aa1199de69a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bac6cec9adac1b4da04a2d5537d3aa1199de69a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180803/d6d7eeb3/attachment.html>
More information about the debian-security-tracker-commits
mailing list