[Git][security-tracker-team/security-tracker][master] Add CVE-2017-16652/symfony
Salvatore Bonaccorso
carnil at debian.org
Sat Jun 16 09:00:39 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d8997559 by Salvatore Bonaccorso at 2018-06-16T09:59:56+02:00
Add CVE-2017-16652/symfony
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -35760,7 +35760,9 @@ CVE-2017-16654
CVE-2017-16653
RESERVED
CVE-2017-16652 (An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before ...)
- TODO: check
+ - symfony 3.4.0+dfsg-1
+ NOTE: https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers
+ NOTE: https://github.com/symfony/symfony/pull/24995
CVE-2017-16651 (Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before ...)
{DSA-4030-1 DLA-1193-1}
- roundcube 1.3.3+dfsg.1-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d89975590763a71d3fbe88812ec19a74db7257a6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d89975590763a71d3fbe88812ec19a74db7257a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180616/36ec3de1/attachment.html>
More information about the debian-security-tracker-commits
mailing list