[Secure-testing-commits] r51807 - data/CVE

Salvatore Bonaccorso Sun, 21 May 2017 21:19:55 -0700

Author: carnil
Date: 2017-05-22 04:19:39 +0000 (Mon, 22 May 2017)
New Revision: 51807


Modified:
   data/CVE/list
Log:
Add CVE-2014-9970/jasypt

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-22 02:46:04 UTC (rev 51806)
+++ data/CVE/list       2017-05-22 04:19:39 UTC (rev 51807)
@@ -39,7 +39,8 @@
 CVE-2017-9101 (import.php (aka the Phonebook import feature) in PlaySMS 1.4 
allows ...)
        TODO: check
 CVE-2014-9970 (jasypt before 1.9.2 allows a timing attack against the password 
hash ...)
-       TODO: check
+       - jasypt 1.9.2-1
+       NOTE: https://sourceforge.net/p/jasypt/code/668/
 CVE-2017-9100 (login.cgi on D-Link DIR-600M devices with firmware 3.04 allows 
remote ...)
        NOT-FOR-US: D-Link
 CVE-2017-XXXX [buffer overflow in output option commandline argument (VL-ID 
2068)]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r51807 - data/CVE

Reply via email to