[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] redmine: RCE
Paul Wise
pabs at debian.org
Wed Jan 10 03:33:52 UTC 2018
Paul Wise pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0ccd9c96 by Paul Wise at 2018-01-10T11:32:42+08:00
redmine: RCE
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,8 @@
+CVE-2018-XXXX [Remote command execution through mercurial adapter]
+ - redmine <unfixed>
+ [wheezy] - redmine <end-of-life> (Not supported wheezy LTS)
+ NOTE: https://www.redmine.org/issues/27516 (private)
+ NOTE: upstream fixed in 3.2.9, 3.3.6 and 3.4.4
CVE-2018-5313
RESERVED
CVE-2017-1000415 (MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ccd9c96f37e10afa078fc69dffcbea7879eb310
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ccd9c96f37e10afa078fc69dffcbea7879eb310
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180110/4faeb40b/attachment.html>
More information about the Secure-testing-commits
mailing list