[Secure-testing-commits] r57633 - data/CVE

Paul Mathijs Gevers Tue, 14 Nov 2017 12:17:01 -0800

Author: elbrus
Date: 2017-11-14 20:16:41 +0000 (Tue, 14 Nov 2017)
New Revision: 57633


Modified:
   data/CVE/list
Log:
[cacti] add info for CVE-2017-16785

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-14 20:08:34 UTC (rev 57632)
+++ data/CVE/list       2017-11-14 20:16:41 UTC (rev 57633)
@@ -88,7 +88,12 @@
        NOT-FOR-US: MyBB
 CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. 
...)
        - cacti <unfixed>
+       [stretch] - cacti <not-affected> (Vulnerable code does not exist)
+       [jessie] - cacti <not-affected> (Vulnerable code does not exist)
+       [wheezy] - cacti <not-affected> (Vulnerable code does not exist)
        NOTE: https://github.com/Cacti/cacti/issues/1071
+    NOTE: this is more or less a dublicate of CVE-2017-16641
+    NOTE: one of the applied patches reopened the vulnerability
 CVE-2017-16779
        RESERVED
 CVE-2017-16778


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57633 - data/CVE

Reply via email to