[Git][security-tracker-team/security-tracker][master] mark CVE-2018-13818 as not-affected for jessie
Abhijith PA
gitlab at salsa.debian.org
Wed Sep 5 20:38:50 BST 2018
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1b64fd48 by Abhijith PA at 2018-09-05T19:38:22Z
mark CVE-2018-13818 as not-affected for jessie
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -6582,6 +6582,7 @@ CVE-2018-13819 (A hardcoded secret key, in CA Unified Infrastructure Management
CVE-2018-13818 (Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the ...)
- twig 2.4.4-2
[stretch] - twig <no-dsa> (Minor issue)
+ [jessie] - twig <not-affected> (not tied to the right source)
NOTE: Fixed upstream in 2.4.4
CVE-2018-13817
RESERVED
=====================================
data/dla-needed.txt
=====================================
@@ -97,6 +97,3 @@ symfony (Thorsten Alteholz)
--
thunderbird
--
-twig (Abhijith PA)
- NOTE: 20180824: https://mobile.twitter.com/jameel_nabbo/status/1032593354704515072?s=20
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1b64fd48be6c9bebeb594cd854e3cb7996e5cadb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1b64fd48be6c9bebeb594cd854e3cb7996e5cadb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/ae5fb367/attachment.html>
More information about the debian-security-tracker-commits
mailing list