[Git][security-tracker-team/security-tracker][master] Add CVE-2018-11385/symfony
Salvatore Bonaccorso
carnil at debian.org
Sat Jun 16 09:01:56 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b42872a8 by Salvatore Bonaccorso at 2018-06-16T10:01:34+02:00
Add CVE-2018-11385/symfony
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2697,7 +2697,8 @@ CVE-2018-11387
CVE-2018-11386 (An issue was discovered in the HttpFoundation component in Symfony ...)
TODO: check
CVE-2018-11385 (An issue was discovered in the Security component in Symfony 2.7.x ...)
- TODO: check
+ - symfony <unfixed>
+ NOTE: https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication
CVE-2018-11384 (The sh_op() function in radare2 2.5.0 allows remote attackers to cause ...)
- radare2 <unfixed> (low)
[stretch] - radare2 <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b42872a838d01754c1c414dde698b1f47ebe9cb1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b42872a838d01754c1c414dde698b1f47ebe9cb1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180616/4823e5b5/attachment.html>
More information about the debian-security-tracker-commits
mailing list