[Git][security-tracker-team/security-tracker][master] mark jessie as not affected by CVE-2018-11386
Thorsten Alteholz
alteholz at debian.org
Thu Sep 13 14:39:51 BST 2018
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
16830e21 by Thorsten Alteholz at 2018-09-13T13:26:40Z
mark jessie as not affected by CVE-2018-11386
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13932,6 +13932,7 @@ CVE-2018-11387
CVE-2018-11386 (An issue was discovered in the HttpFoundation component in Symfony ...)
{DSA-4262-1}
- symfony 3.4.12+dfsg-1
+ [jessie] - symfony <not-affected> (vulnerable code no present, no rollback mechanism in this version)
NOTE: https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler
CVE-2018-11385 (An issue was discovered in the Security component in Symfony 2.7.x ...)
{DSA-4262-1}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/16830e2186d70719a467fa3fea70b5fa8fff5f8e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/16830e2186d70719a467fa3fea70b5fa8fff5f8e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180913/584bcc2a/attachment.html>
More information about the debian-security-tracker-commits
mailing list