Author: carnil
Date: 2017-06-17 19:49:31 +0000 (Sat, 17 Jun 2017)
New Revision: 52666
Modified:
data/CVE/list
Log:
Add source package, kibana, itp'ed for found CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-17 19:49:20 UTC (rev 52665)
+++ data/CVE/list 2017-06-17 19:49:31 UTC (rev 52666)
@@ -3458,7 +3458,7 @@
CVE-2015-9057 (Multiple cross-site scripting (XSS) vulnerabilities in Proxmox
Mail ...)
NOT-FOR-US: Proxmox Mail Gateway
CVE-2017-8452 (Kibana versions prior to 5.2.1 configured for SSL client
access, file ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2017-8451 (With X-Pack installed, Kibana versions before 5.3.1 have an
open ...)
TODO: check
CVE-2017-8450 (X-Pack 5.1.1 did not properly apply document and field level
security ...)
@@ -3540,9 +3540,9 @@
NOTE: Issue addressed in Debian via:
https://sources.debian.net/patches/lame/3.99.5%2Brepack1-9/0001-Add-check-for-invalid-input-sample-rate.patch/
NOTE: in the revised version as included in 3.99.5+repack1-7
CVE-2016-10366 (Kibana versions after and including 4.3 and before 4.6.2 are
...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2016-10365 (Kibana versions before 4.6.3 and 5.0.1 have an open redirect
...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2016-10364 (With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were
not ...)
TODO: check
CVE-2016-10363 (Logstash versions prior to 2.3.3, when using the Netflow Codec
plugin, ...)
@@ -3570,7 +3570,7 @@
CVE-2016-10352
RESERVED
CVE-2015-9056 (Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a
XSS ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2017-8905 (Xen through 4.6.x on 64-bit platforms mishandles a failsafe
callback, ...)
{DSA-3847-1 DLA-964-1}
- xen 4.8.0~rc3-1 (bug #861662)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
