[Git][security-tracker-team/security-tracker][master] mark jessie as not affected by CVE-2018-11386

Thorsten Alteholz alteholz at debian.org
Thu Sep 13 14:39:51 BST 2018


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
16830e21 by Thorsten Alteholz at 2018-09-13T13:26:40Z
mark jessie as not affected by CVE-2018-11386

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13932,6 +13932,7 @@ CVE-2018-11387
 CVE-2018-11386 (An issue was discovered in the HttpFoundation component in Symfony ...)
 	{DSA-4262-1}
 	- symfony 3.4.12+dfsg-1
+	[jessie] - symfony <not-affected> (vulnerable code no present, no rollback mechanism in this version)
 	NOTE: https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler
 CVE-2018-11385 (An issue was discovered in the Security component in Symfony 2.7.x ...)
 	{DSA-4262-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/16830e2186d70719a467fa3fea70b5fa8fff5f8e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/16830e2186d70719a467fa3fea70b5fa8fff5f8e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180913/584bcc2a/attachment.html>


More information about the debian-security-tracker-commits mailing list