Author: alteholz Date: 2017-10-19 13:58:44 +0000 (Thu, 19 Oct 2017) New Revision: 56871
Modified: data/CVE/list Log: jessie and wheezy are not affected by CVE-2017-15385 Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-19 13:28:02 UTC (rev 56870) +++ data/CVE/list 2017-10-19 13:58:44 UTC (rev 56871) @@ -563,6 +563,8 @@ [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...) - radare2 <unfixed> + [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) + [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) NOTE: https://github.com/radare/radare2/issues/8685 NOTE: https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4 CVE-2017-15384 (rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action. ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits