Author: jmm
Date: 2017-10-03 21:47:45 +0000 (Tue, 03 Oct 2017)
New Revision: 56389
Modified:
data/CVE/list
Log:
node-tough-cookie bug
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-03 21:43:02 UTC (rev 56388)
+++ data/CVE/list 2017-10-03 21:47:45 UTC (rev 56389)
@@ -1,7 +1,9 @@
CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in
qBittorrent and ...)
TODO: check, can't make much sense of it, probably limited to Win32
CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found
in the ...)
- - node-tough-cookie <unfixed>
+ - node-tough-cookie <unfixed> (bug #877660)
+ NOTE: https://github.com/salesforce/tough-cookie/issues/92
+ NOTE: https://nodesecurity.io/advisories/525
CVE-2017-15009 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to
reflected ...)
NOT-FOR-US: PRTG Network Monitor
CVE-2017-15008 (PRTG Network Monitor version 17.3.33.2830 is vulnerable to
stored ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
