[Git][security-tracker-team/security-tracker][master] Add CVE-2018-11469/haproxy
Salvatore Bonaccorso
carnil at debian.org
Fri May 25 21:34:25 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02fc94ae by Salvatore Bonaccorso at 2018-05-25T22:32:13+02:00
Add CVE-2018-11469/haproxy
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -21,7 +21,10 @@ CVE-2018-11471 (Cockpit 0.5.5 has XSS via a collection, form, or region. ...)
CVE-2018-11470 (iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' ...)
NOT-FOR-US: iScripts eSwap
CVE-2018-11469 (Incorrect caching of responses to requests including an Authorization ...)
- TODO: check
+ - haproxy <unfixed>
+ [stretch] - haproxy <not-affected> (Issue introduced in 1.8.0)
+ [jessie] - haproxy <not-affected> (Issue introduced in 1.8.0)
+ NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=17514045e5d934dede62116216c1b016fe23dd06
CVE-2018-11468 (The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT ...)
TODO: check
CVE-2018-11467
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02fc94aec7448657dd344162ff43b5d21a2d6e43
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02fc94aec7448657dd344162ff43b5d21a2d6e43
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180525/b46906d5/attachment.html>
More information about the debian-security-tracker-commits
mailing list