Author: elbrus Date: 2017-11-14 20:16:41 +0000 (Tue, 14 Nov 2017) New Revision: 57633
Modified: data/CVE/list Log: [cacti] add info for CVE-2017-16785 Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-14 20:08:34 UTC (rev 57632) +++ data/CVE/list 2017-11-14 20:16:41 UTC (rev 57633) @@ -88,7 +88,12 @@ NOT-FOR-US: MyBB CVE-2017-16785 (Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. ...) - cacti <unfixed> + [stretch] - cacti <not-affected> (Vulnerable code does not exist) + [jessie] - cacti <not-affected> (Vulnerable code does not exist) + [wheezy] - cacti <not-affected> (Vulnerable code does not exist) NOTE: https://github.com/Cacti/cacti/issues/1071 + NOTE: this is more or less a dublicate of CVE-2017-16641 + NOTE: one of the applied patches reopened the vulnerability CVE-2017-16779 RESERVED CVE-2017-16778 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits