Author: carnil Date: 2016-06-02 06:13:35 +0000 (Thu, 02 Jun 2016) New Revision: 42236
Modified: data/CVE/list Log: CVE-2015-8857 assigned for uglifyjs Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-06-02 06:12:17 UTC (rev 42235) +++ data/CVE/list 2016-06-02 06:13:35 UTC (rev 42236) @@ -3171,8 +3171,6 @@ RESERVED - uglifyjs <unfixed> (unimportant) NOTE: libv8 is not covered by security support -CVE-2015-8857 - RESERVED CVE-2015-8854 [marked: regular expression denial of service] RESERVED - node-marked <unfixed> (unimportant) @@ -7918,7 +7916,7 @@ NOT-FOR-US: SAP CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...) NOT-FOR-US: SAP -CVE-2015-XXXX [incorrect handling of non-boolean comparisons during minification] +CVE-2015-8857 [incorrect handling of non-boolean comparisons during minification] - uglifyjs <unfixed> (unimportant) NOTE: fixed in 2.4.24 NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/ _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits