Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3a2bff4e by security tracker role at 2018-06-30T08:10:35+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -49043,7 +49043,7 @@ CVE-2017-12873 (SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obt NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/e2daf4ceb6e580815c3741384b3a09b85a5fc231 NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/300d8aa48fe93706ade95be481c68e9cf2f32d1f CVE-2017-12872 (The (1) Htpasswd authentication source in the authcrypt module and (2) ...) - {DLA-1205-1} + {DLA-1408-1 DLA-1205-1} - simplesamlphp 1.14.15-1 NOTE: https://simplesamlphp.org/security/201703-01 NOTE: Patches: https://github.com/simplesamlphp/simplesamlphp/commit/ab7761d4a523a4ed00479fb1ddba688e7ca72439 @@ -49064,7 +49064,7 @@ CVE-2017-12869 (The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows NOTE: https://simplesamlphp.org/security/201704-02 NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/f1e485284dd428ab3cd9500c62e19c7c7234be9a CVE-2017-12868 (The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in ...) - {DLA-1205-1} + {DLA-1408-1 DLA-1205-1} - simplesamlphp 1.14.15-1 NOTE: https://simplesamlphp.org/security/201705-01 NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1 @@ -64703,12 +64703,12 @@ CVE-2017-7653 (The Eclipse Mosquitto broker up to version 1.4.15 does not reject - mosquitto <unfixed> NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=532113 CVE-2017-7652 (In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running ...) - {DLA-1334-1} + {DLA-1409-1 DLA-1334-1} - mosquitto 1.4.15-1 NOTE: Patches: https://mosquitto.org/files/cve/2017-7652 NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/ CVE-2017-7651 (In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server ...) - {DLA-1334-1} + {DLA-1409-1 DLA-1334-1} - mosquitto 1.4.15-1 NOTE: Patches: https://mosquitto.org/files/cve/2017-7651 NOTE: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a2bff4e1dc6fabeafdb505e0917ceb9679e3233 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a2bff4e1dc6fabeafdb505e0917ceb9679e3233 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits