[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Cleanup trailing whitespaces

Salvatore Bonaccorso carnil at debian.org
Sat Mar 17 16:30:04 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2bf6c8fd by Salvatore Bonaccorso at 2018-03-17T17:29:14+01:00
Cleanup trailing whitespaces

- - - - -
cbffc92b by Salvatore Bonaccorso at 2018-03-17T17:29:43+01:00
Add additional reference for CVE-2018-7490

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3065,6 +3065,7 @@ CVE-2018-7490 (uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use o
 	- uwsgi <unfixed> (bug #891639)
 	NOTE: Fixed in 2.0.17 upstream
 	NOTE: https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a
+	NOTE: https://blog.runesec.com/2018/03/01/uwsgi-path-traversal/
 CVE-2018-7489 (FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 ...)
 	- jackson-databind <unfixed> (bug #891614)
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/1931
@@ -16221,7 +16222,7 @@ CVE-2018-2681 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources ..
 CVE-2018-2680 (Vulnerability in the Java VM component of Oracle Database Server. ...)
 	NOT-FOR-US: Oracle
 CVE-2018-2679 (Vulnerability in the Oracle Financial Services Profitability ...)
-	NOT-FOR-US: Oracle Financial Services Applications 
+	NOT-FOR-US: Oracle Financial Services Applications
 CVE-2018-2678 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
 	- openjdk-9 9.0.4+12-1
 	- openjdk-8 8u162-b12-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/956515b30281869c4772d22ea9f0e9dfe036db59...cbffc92ba8f3612a83d9310c6dcfc24f2395f593

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/956515b30281869c4772d22ea9f0e9dfe036db59...cbffc92ba8f3612a83d9310c6dcfc24f2395f593
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180317/3ff72445/attachment.html>

More information about the Secure-testing-commits mailing list