[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add further note for CVE-2017-10690
Salvatore Bonaccorso
carnil at debian.org
Wed Feb 14 19:41:36 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
533c425f by Salvatore Bonaccorso at 2018-02-14T20:40:48+01:00
Add further note for CVE-2017-10690
The issue might actually be present prior to 5.x in puppet, and only
maked before commits in 4.10.5.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -37661,6 +37661,9 @@ CVE-2017-10690 (In previous versions of Puppet Agent it was possible for the age
- puppet <not-affected> (Only affects Puppet 5, only in experimental)
NOTE: https://puppet.com/security/cve/CVE-2017-10690
NOTE: https://tickets.puppetlabs.com/browse/PUP-8225
+ NOTE: Fixed by: https://github.com/puppetlabs/puppet/commit/bd87bef2c3862d333f4c1f2b148b147d449a375b
+ NOTE: Prior to 4.10.5 the problem was partially masked:
+ NOTE: https://tickets.puppetlabs.com/browse/PUP-8225?focusedCommentId=525381&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-525381
CVE-2017-10689 (In previous versions of Puppet Agent it was possible to install a ...)
- puppet <unfixed> (bug #890412)
[stretch] - puppet <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/533c425f24aff21400cf3cc1d92050ac9df2f0a5
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/533c425f24aff21400cf3cc1d92050ac9df2f0a5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180214/fe16c137/attachment.html>
More information about the Secure-testing-commits
mailing list