Author: carnil Date: 2017-06-17 19:49:31 +0000 (Sat, 17 Jun 2017) New Revision: 52666
Modified: data/CVE/list Log: Add source package, kibana, itp'ed for found CVEs Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-06-17 19:49:20 UTC (rev 52665) +++ data/CVE/list 2017-06-17 19:49:31 UTC (rev 52666) @@ -3458,7 +3458,7 @@ CVE-2015-9057 (Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail ...) NOT-FOR-US: Proxmox Mail Gateway CVE-2017-8452 (Kibana versions prior to 5.2.1 configured for SSL client access, file ...) - TODO: check + - kibana <itp> (bug #700337) CVE-2017-8451 (With X-Pack installed, Kibana versions before 5.3.1 have an open ...) TODO: check CVE-2017-8450 (X-Pack 5.1.1 did not properly apply document and field level security ...) @@ -3540,9 +3540,9 @@ NOTE: Issue addressed in Debian via: https://sources.debian.net/patches/lame/3.99.5%2Brepack1-9/0001-Add-check-for-invalid-input-sample-rate.patch/ NOTE: in the revised version as included in 3.99.5+repack1-7 CVE-2016-10366 (Kibana versions after and including 4.3 and before 4.6.2 are ...) - TODO: check + - kibana <itp> (bug #700337) CVE-2016-10365 (Kibana versions before 4.6.3 and 5.0.1 have an open redirect ...) - TODO: check + - kibana <itp> (bug #700337) CVE-2016-10364 (With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not ...) TODO: check CVE-2016-10363 (Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, ...) @@ -3570,7 +3570,7 @@ CVE-2016-10352 RESERVED CVE-2015-9056 (Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS ...) - TODO: check + - kibana <itp> (bug #700337) CVE-2017-8905 (Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, ...) {DSA-3847-1 DLA-964-1} - xen 4.8.0~rc3-1 (bug #861662) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits