[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-12196/undertow
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 13 06:59:43 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
389cbc59 by Salvatore Bonaccorso at 2018-03-13T07:59:19+01:00
Add CVE-2017-12196/undertow
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36733,8 +36733,10 @@ CVE-2017-12197 (It was found that libpam4j up to and including 1.8 did not prope
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1503103
NOTE: https://github.com/kohsuke/libpam4j/issues/18
NOTE: (Non-upstream) patch: https://github.com/letonez/libpam4j/commit/84f32f4001fc6bdcc125ccc959081de022d18b6d
-CVE-2017-12196
+CVE-2017-12196 [Client can use bogus uri in Digest authentication]
RESERVED
+ - undertow <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1503055
CVE-2017-12195
RESERVED
NOT-FOR-US: OpenShift
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/389cbc59d8cfbc4a474c1b576a787ae91119811f
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/389cbc59d8cfbc4a474c1b576a787ae91119811f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180313/5cdaaf7d/attachment.html>
More information about the Secure-testing-commits
mailing list