[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-15699/qpid-dispatch, itp/rfp'ed: #737776
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 13 20:38:06 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fb97ee2f by Salvatore Bonaccorso at 2018-02-13T21:36:44+01:00
Add CVE-2017-15699/qpid-dispatch, itp/rfp'ed: #737776
Based on he now available information from
http://www.openwall.com/lists/oss-security/2018/02/13/5 remove the todo
item questioning if that is specific to on when used with Red Hat JBoss,
and associate the CVE id with qpid-dispatch.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22466,7 +22466,8 @@ CVE-2017-15700 (A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectVali
NOT-FOR-US: Apache Sling Authentication Service
CVE-2017-15699
RESERVED
- TODO: check, this is possibly specific to AMQ Interconnect as used by Red Hat JBoss, although based on Apache Qpid project
+ - qpid-dispatch <itp> (bug #737776)
+ NOTE: http://www.openwall.com/lists/oss-security/2018/02/13/5
CVE-2017-15698 (When parsing the AIA-Extension field of a client certificate, Apache ...)
{DLA-1276-1}
- tomcat-native 1.2.16-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb97ee2f413caf701b625355838ac9124670c1c7
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb97ee2f413caf701b625355838ac9124670c1c7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180213/8fb292cf/attachment.html>
More information about the Secure-testing-commits
mailing list