[Git][security-tracker-team/security-tracker][master] Update status for CVE-2016-1133/h2o
Salvatore Bonaccorso
carnil at debian.org
Sun Jul 29 05:12:44 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9b4eee23 by Salvatore Bonaccorso at 2018-07-29T04:12:27Z
Update status for CVE-2016-1133/h2o
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -118890,7 +118890,10 @@ CVE-2016-1135 (Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 dev
CVE-2016-1134 (Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 ...)
NOT-FOR-US: BUFFALO
CVE-2016-1133 (CRLF injection vulnerability in the on_req function in ...)
- NOT-FOR-US: H2O
+ - h2o <not-affected> (Fixed before initial upload to Debian)
+ NOTE: https://github.com/h2o/h2o/issues/682
+ NOTE: https://github.com/h2o/h2o/issues/684
+ NOTE: https://github.com/h2o/h2o/pull/684
CVE-2016-1132 (Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify ...)
NOT-FOR-US: Shoplat App
CVE-2016-1131 (Buffer overflow in the CL_vsprintf function in Takumi Yamada DX ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9b4eee238e0590eefa9784d8228a672e429a442a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9b4eee238e0590eefa9784d8228a672e429a442a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180729/64a3a676/attachment.html>
More information about the debian-security-tracker-commits
mailing list