[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-1000053/limesurvey, itp'ed: #472802

Sat, 10 Feb 2018 02:00:42 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c644b392 by Salvatore Bonaccorso at 2018-02-10T10:59:15+01:00
Add CVE-2018-1000053/limesurvey, itp'ed: #472802

- - - - -
064fc571 by Salvatore Bonaccorso at 2018-02-10T10:59:38+01:00
Associate CVE-2012-4927 with limesurvey

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -584,7 +584,7 @@ CVE-2018-1000055 (Jenkins Android Lint Plugin 2.5 and 
earlier processes XML exte
 CVE-2018-1000054 (Jenkins CCM Plugin 3.1 and earlier processes XML external 
entities in ...)
        NOT-FOR-US: Jenkins CCM Plugin
 CVE-2018-1000053 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite 
Request ...)
-       TODO: check
+       - limesurvey <itp> (bug #472802)
 CVE-2018-1000052 (fmtlib version prior to version 4.1.0 (before commit ...)
        - fmtlib <unfixed>
        NOTE: https://github.com/fmtlib/fmt/issues/642
@@ -174394,7 +174394,7 @@ CVE-2012-4929 (The TLS protocol 1.2 and earlier, as 
used in Mozilla Firefox, Goo
 CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in 
ow_updates/index.php in ...)
        NOT-FOR-US: Oxwall 1.1.1
 CVE-2012-4927 (SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) 
before ...)
-       NOT-FOR-US: Limesurvey
+       - limesurvey <itp> (bug #472802)
 CVE-2012-4926 (approve.php in Img Pals Photo Host 1.0 does not authenticate 
requests, ...)
        NOT-FOR-US: Img Pals Photo Host 1.0
 CVE-2012-4925 (Multiple SQL injection vulnerabilities in approve.php in Img 
Pals ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/6a34ad2765a94a1e7d2ae8c5f6c97146fbc99ef9...064fc571bbd2b558217f56f23c302c0a0f443360

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/6a34ad2765a94a1e7d2ae8c5f6c97146fbc99ef9...064fc571bbd2b558217f56f23c302c0a0f443360
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to