[Secure-testing-commits] r49428 - data/CVE

Brian May Sun, 05 Mar 2017 22:57:23 -0800

Author: bam
Date: 2017-03-06 06:56:51 +0000 (Mon, 06 Mar 2017)
New Revision: 49428


Modified:
   data/CVE/list
Log:
Add link to upstream BTS for web2py issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-06 05:52:47 UTC (rev 49427)
+++ data/CVE/list       2017-03-06 06:56:51 UTC (rev 49428)
@@ -32560,10 +32560,13 @@
        NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/fd7e0c02e272913a0a8b6d492c7260dfca0b1408
 (v3.2.1)
 CVE-2016-4808 (Web2py versions 2.14.5 and below was affected by CSRF (Cross 
Site ...)
        - web2py <unfixed> (bug #856127)
+       NOTE: https://github.com/web2py/web2py/issues/1585
 CVE-2016-4807 (Web2py versions 2.14.5 and below was affected by Reflected XSS 
...)
        - web2py <unfixed> (bug #856127)
+       NOTE: https://github.com/web2py/web2py/issues/1585
 CVE-2016-4806 (Web2py versions 2.14.5 and below was affected by Local File 
Inclusion ...)
        - web2py <unfixed> (bug #856127)
+       NOTE: https://github.com/web2py/web2py/issues/1585
 CVE-2016-4803 (CRLF injection vulnerability in the send email functionality in 
dotCMS ...)
        NOT-FOR-US: dotCMS
 CVE-2016-4802 (Multiple untrusted search path vulnerabilities in cURL and 
libcurl ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r49428 - data/CVE

Reply via email to