[Git][security-tracker-team/security-tracker][master] Update note about including own apache2 configuration for CVE-2018-15537

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
24b96e59 by Salvatore Bonaccorso at 2024-07-24T07:26:02+02:00
Update note about including own apache2 configuration for CVE-2018-15537

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -425104,7 +425104,8 @@ CVE-2018-15537 (Unrestricted file upload (with remote code execution) in OCS Inv
 	- ocsinventory-server 2.8.1+dfsg1+~2.11.1-1 (unimportant)
 	NOTE: Authentication is needed, only supported in trusted environments, see debtags
 	NOTE: Bug https://github.com/OCSInventory-NG/OCSInventory-ocsreports/issues/1323
-	NOTE: fixed in oscinventory-report component version 2.10
+	NOTE: Fixed in oscinventory-report component version 2.10. Debian installs a own
+	NOTE: ocsinventory-reports.conf since 2.2+dfsg-0.1.
 CVE-2018-15536 (/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9 ...)
 	NOT-FOR-US: tecrail Responsive FileManager
 CVE-2018-15535 (/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24b96e591679a1cc17e1187eb5d9c088cc800c79

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24b96e591679a1cc17e1187eb5d9c088cc800c79
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240724/cbe645fc/attachment.htm>