[Git][security-tracker-team/security-tracker][master] CVE-2017-15377/suricata: wheezy not affected
Hugo Lefeuvre
hle at debian.org
Sat Jun 1 14:51:56 BST 2019
Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5c223625 by Hugo Lefeuvre at 2019-06-01T13:50:10Z
CVE-2017-15377/suricata: wheezy not affected
Vulnerable code introduced in 1.3beta1.
This is old triage, but still relevant for the ELTS initiative.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -92725,9 +92725,10 @@ CVE-2017-15377 (In Suricata before 4.x, it was possible to trigger lots of redun
{DLA-1603-1}
- suricata 1:4.0.0-1 (low)
[stretch] - suricata <no-dsa> (Minor issue)
- [wheezy] - suricata <no-dsa> (Minor issue)
+ [wheezy] - suricata <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/OISF/suricata/pull/2680/commits/47afc577ff763150f9b47f10331f5ef9eb847a57
NOTE: https://redmine.openinfosecfoundation.org/issues/2231
+ NOTE: introduced in https://github.com/OISF/suricata/commit/35f1f7e8d944a3
CVE-2017-15376 (The TELNET service in Mobatek MobaXterm 10.4 does not require authenti ...)
NOT-FOR-US: Mobatek MobaXterm
CVE-2017-15375 (Multiple client-side cross site scripting vulnerabilities have been di ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c2236259859f9a1da36b1e50f2f813ebf9a0b22
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c2236259859f9a1da36b1e50f2f813ebf9a0b22
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190601/d618fd30/attachment.html>
More information about the debian-security-tracker-commits
mailing list