[Git][security-tracker-team/security-tracker][master] Remove no-dsa entries for spip, will get a DSA
Salvatore Bonaccorso
carnil at debian.org
Wed Jun 13 20:37:41 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0cc91f35 by Salvatore Bonaccorso at 2018-06-13T21:37:15+02:00
Remove no-dsa entries for spip, will get a DSA
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -37793,8 +37793,6 @@ CVE-2017-15737 (IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 all
NOT-FOR-US: IrfanView
CVE-2017-15736 (Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 ...)
- spip 3.1.4-4 (bug #879954)
- [stretch] - spip <no-dsa> (Minor issue)
- [jessie] - spip <no-dsa> (Minor issue)
[wheezy] - spip <not-affected> (vulnerable code not present)
NOTE: https://core.spip.net/projects/spip/repository/revisions/23701
CVE-2017-15735 (In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0cc91f350288afed9afa59f0ca1abc5a716d74a5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0cc91f350288afed9afa59f0ca1abc5a716d74a5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180613/dda19c40/attachment.html>
More information about the debian-security-tracker-commits
mailing list