[Secure-testing-commits] r57634 - data/CVE

Tue, 14 Nov 2017 12:26:58 -0800 

Author: elbrus
Date: 2017-11-14 20:26:40 +0000 (Tue, 14 Nov 2017)
New Revision: 57634

Modified:
   data/CVE/list
Log:
[cacti] Update CVE-2017-16660 and CVE-2017-16661 with unaffected versions

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-14 20:16:41 UTC (rev 57633)
+++ data/CVE/list       2017-11-14 20:26:40 UTC (rev 57634)
@@ -92,8 +92,8 @@
        [jessie] - cacti <not-affected> (Vulnerable code does not exist)
        [wheezy] - cacti <not-affected> (Vulnerable code does not exist)
        NOTE: https://github.com/Cacti/cacti/issues/1071
-    NOTE: this is more or less a dublicate of CVE-2017-16641
-    NOTE: one of the applied patches reopened the vulnerability
+       NOTE: this is more or less a dublicate of CVE-2017-16641
+       NOTE: one of the applied patches reopened the vulnerability
 CVE-2017-16779
        RESERVED
 CVE-2017-16778
@@ -417,12 +417,18 @@
        NOTE: 
https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1
 CVE-2017-16661 (Cacti 1.1.27 allows remote authenticated administrators to 
read ...)
        - cacti <unfixed>
+       [stretch] - cacti <not-affected> (Vulnerable code does not exist)
+       [jessie] - cacti <not-affected> (Vulnerable code does not exist)
        [wheezy] - cacti <not-affected> (Vulnerable code does not exist)
        NOTE: https://github.com/Cacti/cacti/issues/1066
+       NOTE: affected code was introduced in the 1.x release
 CVE-2017-16660 (Cacti 1.1.27 allows remote authenticated administrators to 
conduct ...)
        - cacti <unfixed>
+       [stretch] - cacti <not-affected> (Vulnerable code does not exist)
+       [jessie] - cacti <not-affected> (Vulnerable code does not exist)
        [wheezy] - cacti <not-affected> (Vulnerable code does not exist)
        NOTE: https://github.com/Cacti/cacti/issues/1066
+       NOTE: affected code was introduced in the 1.x release
 CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated 
administrators ...)
        - cacti <unfixed> (bug #881110)
        NOTE: https://github.com/Cacti/cacti/issues/1057


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to