[Git][security-tracker-team/security-tracker][master] charybdis issue is 4.x only and the patch is incomplete, according to upstream
Antoine Beaupré
anarcat at debian.org
Tue Aug 21 20:43:32 BST 2018
Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker
Commits:
18f6fde6 by Antoine Beaupré at 2018-08-21T19:43:02Z
charybdis issue is 4.x only and the patch is incomplete, according to upstream
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,6 +1,8 @@
CVE-2018-XXXX [security issue with the PASS command and duplicate server instances]
- charybdis <unfixed> (bug #906879)
- NOTE: https://github.com/charybdis-ircd/charybdis/commit/d4b2529a61fb48ebcd54bc0fcc6f400f97bfe251
+ [jessie] - charybdis <not-affected> (Vulnerable code added later)
+ [stretch] - charybdis <not-affected> (Vulnerable code added later)
+ NOTE: partial fix: https://github.com/charybdis-ircd/charybdis/commit/d4b2529a61fb48ebcd54bc0fcc6f400f97bfe251
CVE-2018-15604
RESERVED
CVE-2018-15603 (An issue was discovered in Victor CMS through 2018-05-10. There is XSS ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18f6fde6f4a742a84babd5e3d757296d9fee4f12
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18f6fde6f4a742a84babd5e3d757296d9fee4f12
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180821/83278c6a/attachment.html>
More information about the debian-security-tracker-commits
mailing list