[Secure-testing-commits] r57039 - data/CVE

Salvatore Bonaccorso Fri, 27 Oct 2017 12:06:25 -0700

Author: carnil
Date: 2017-10-27 19:06:04 +0000 (Fri, 27 Oct 2017)
New Revision: 57039


Modified:
   data/CVE/list
Log:
Update status for CVE-2016-10516/python-werkzeug

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-27 18:56:52 UTC (rev 57038)
+++ data/CVE/list       2017-10-27 19:06:04 UTC (rev 57039)
@@ -250,7 +250,10 @@
 CVE-2017-15806
        RESERVED
 CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full 
function in ...)
-       - python-werkzeug <undetermined>
+       - python-werkzeug 0.11.11+dfsg1-1
+       NOTE: 
http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
+       NOTE: https://github.com/pallets/werkzeug/pull/1001
+       NOTE: 
https://github.com/pallets/werkzeug/commit/1034edc7f901dd645ec6e462754111b39002bd65
 CVE-2017-15805 (Cisco Small Business SA520 and SA540 devices with firmware 
2.1.71 and ...)
        NOT-FOR-US: Cisco
 CVE-2017-15804 (The glob function in glob.c in the GNU C Library (aka glibc or 
libc6) ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57039 - data/CVE

Reply via email to