Author: hertzog
Date: 2017-11-14 16:56:12 +0000 (Tue, 14 Nov 2017)
New Revision: 57625
Modified:
data/CVE/list
Log:
Update data for CVE-2017-10672
* experimental entry is no longer required
* update pull request URL to the one that got merged
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-14 16:48:41 UTC (rev 57624)
+++ data/CVE/list 2017-11-14 16:56:12 UTC (rev 57625)
@@ -17531,10 +17531,9 @@
CVE-2017-10673 (admin/profile.php in GetSimple CMS 3.x has XSS in a name
field. ...)
NOT-FOR-US: GetSimple CMS
CVE-2017-10672 (Use-after-free in the XML-LibXML module through 2.0129 for
Perl allows ...)
- [experimental] - libxml-libxml-perl 2.0128+dfsg-4
- libxml-libxml-perl 2.0128+dfsg-5 (bug #866676)
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=122246
- NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/9
+ NOTE: Pull request: https://github.com/shlomif/perl-XML-LibXML/pull/8
CVE-2017-10671 (Heap-based Buffer Overflow in the de_dotdot function in
libhttpd.c in ...)
- thttpd <removed>
CVE-2017-10670 (An XML External Entity (XXE) issue exists in OSCI-Transport
1.2 as used ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
