Author: carnil Date: 2017-05-22 04:19:39 +0000 (Mon, 22 May 2017) New Revision: 51807
Modified: data/CVE/list Log: Add CVE-2014-9970/jasypt Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-22 02:46:04 UTC (rev 51806) +++ data/CVE/list 2017-05-22 04:19:39 UTC (rev 51807) @@ -39,7 +39,8 @@ CVE-2017-9101 (import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows ...) TODO: check CVE-2014-9970 (jasypt before 1.9.2 allows a timing attack against the password hash ...) - TODO: check + - jasypt 1.9.2-1 + NOTE: https://sourceforge.net/p/jasypt/code/668/ CVE-2017-9100 (login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote ...) NOT-FOR-US: D-Link CVE-2017-XXXX [buffer overflow in output option commandline argument (VL-ID 2068)] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits