[Git][security-tracker-team/security-tracker][master] 3 commits: Add upstream reference for CVE-2016-10539

Salvatore Bonaccorso carnil at debian.org
Sun Jun 10 07:21:38 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19b8253c by Salvatore Bonaccorso at 2018-06-10T08:19:47+02:00
Add upstream reference for CVE-2016-10539

- - - - -
1262816c by Salvatore Bonaccorso at 2018-06-10T08:19:48+02:00
Add references for CVE-2016-10537

- - - - -
6e3ce372 by Salvatore Bonaccorso at 2018-06-10T08:19:48+02:00
Add note for CVE-2016-10537

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36733,11 +36733,15 @@ CVE-2016-10540 (Minimatch is a minimal matching utility that works by converting
 	TODO: check
 CVE-2016-10539 (negotiator is an HTTP content negotiator for Node.js and is used by ...)
 	- node-negotiator 0.6.1-1 (unimportant)
+	NOTE: https://nodesecurity.io/advisories/106
 	NOTE: nodejs not covered by security support
 CVE-2016-10538 (The package `node-cli` before 1.0.0 insecurely uses the lock_file and ...)
 	- node-cli <unfixed> (unimportant; bug #809252)
+	NOTE: https://github.com/node-js-libs/cli/issues/81
+	NOTE: https://nodesecurity.io/advisories/95
 CVE-2016-10537 (backbone is a module that adds in structure to a JavaScript heavy ...)
 	- backbone 0.5.3-1
+	NOTE: https://nodesecurity.io/advisories/108
 CVE-2016-10536 (engine.io-client is the client for engine.io, the implementation of a ...)
 	TODO: check
 CVE-2016-10535 (csrf-lite is a cross-site request forgery protection library for ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3989c03919b257f15937effc2180ee92c317f74d...6e3ce372867e55f87ac74a1cc799d01529f218d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3989c03919b257f15937effc2180ee92c317f74d...6e3ce372867e55f87ac74a1cc799d01529f218d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180610/e21f9ba3/attachment.html>

More information about the debian-security-tracker-commits mailing list