[Git][security-tracker-team/security-tracker][master] Add CVE-2008-7320/seahorse

Sun Nov 18 20:28:23 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1234b83b by Salvatore Bonaccorso at 2018-11-18T20:27:37Z
Add CVE-2008-7320/seahorse

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,11 @@ CVE-2018-19352 (Jupyter Notebook before 5.7.2 allows XSS via a crafted directory
 CVE-2018-19351 (Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook ...)
 	TODO: check
 CVE-2008-7320 (** DISPUTED ** GNOME Seahorse through 3.30 allows physically proximate ...)
-	TODO: check
+	- seahorse <unfixed> (unimportant)
+	NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774
+	NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774/comments/13
+	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=551036
+	NOTE: Explicitly a design decision by upstream and not considered a security issue
 CVE-2018-19350 (In SeaCMS v6.6.4, there is stored XSS via the ...)
 	NOT-FOR-US: SeaCMS
 CVE-2018-19349 (In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1234b83b3b1ab07d5c5791642da613cd5b1012e7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1234b83b3b1ab07d5c5791642da613cd5b1012e7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181118/a80ec051/attachment.html>
