[Secure-testing-commits] r21564 - data/CVE

Salvatore Bonaccorso Sat, 09 Mar 2013 14:02:26 -0800

Author: carnil
Date: 2013-03-09 22:02:19 +0000 (Sat, 09 Mar 2013)
New Revision: 21564


Modified:
   data/CVE/list
Log:
add item to check if libdancer2-perl (in NEW queue) also affected by Cookie 
name CRLF injection, see CVE-2012-5572 for libdancer-perl

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-03-09 15:32:42 UTC (rev 21563)
+++ data/CVE/list       2013-03-09 22:02:19 UTC (rev 21564)
@@ -8149,6 +8149,7 @@
        - libdancer-perl <unfixed> (low; bug #694279)
        [wheezy] - libdancer-perl <unfixed> (low; bug #694279)
        NOTE: https://github.com/PerlDancer/Dancer/issues/859
+       TODO: check if libdancer2-perl also affected?
 CVE-2012-5571 (OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not 
...)
        - keystone 2012.1.1-11 (bug #694433)
 CVE-2012-5570


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r21564 - data/CVE

Reply via email to