[Git][security-tracker-team/security-tracker][master] Expand note for CVE-2017-12165

Salvatore Bonaccorso carnil at debian.org
Tue May 8 07:42:13 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
33a6817d by Salvatore Bonaccorso at 2018-05-08T08:41:54+02:00
Expand note for CVE-2017-12165

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44487,6 +44487,8 @@ CVE-2017-12165 [improper whitespace parsing leading to potential HTTP request sm
 	RESERVED
 	- undertow <unfixed> (bug #885338)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1490301
+	NOTE: Fix likely included in the same commit as the fix for CVE-2017-7559
+	NOTE: https://github.com/undertow-io/undertow/commit/3436b03eda8b0b62c1855698c4d7c358add836c2
 CVE-2017-12164 [lock screen can be circumvented when autologin is set]
 	RESERVED
 	- gdm3 3.26.0-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/33a6817d87998b06714860516906d5b0eb99c0e3

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/33a6817d87998b06714860516906d5b0eb99c0e3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180508/0c2c3c59/attachment.html>


More information about the debian-security-tracker-commits mailing list