Author: carnil Date: 2017-11-19 19:22:54 +0000 (Sun, 19 Nov 2017) New Revision: 57834
Modified: data/CVE/list Log: Add note on commit introducing the --checksum-choice option Note for reviewers: Possibly only after that commit the archaic checksums are not properly handled. Before that there was not the coice of the checksum and arguably. Follow the triage from Thorsten Alteholz in the next commit and mark all versions in Debian as not-affected. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-19 19:12:05 UTC (rev 57833) +++ data/CVE/list 2017-11-19 19:22:54 UTC (rev 57834) @@ -2881,8 +2881,11 @@ NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55 NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b NOTE: And possibly the following two commits on top: - NOTE: https://git.samba.org/?p=rsync.git;a=commith=bc112b0e7feece62ce98708092306639a8a53cce + NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=bc112b0e7feece62ce98708092306639a8a53cce NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=416e719bea4f5466c8dd2b34cac0059b6ff84ff3 + NOTE: The following commit introduced special handling of archaic versions / handling of + NOTE: --checksum-choice option to choose the checksum algorithms: + NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=a5a7d3a297b836387b0ac677383bdddaf2ac3598 CVE-2017-15993 (Zomato Clone Script allows SQL Injection via the restaurant-menu.php ...) NOT-FOR-US: Zomato Clone Script CVE-2017-15992 (Website Broker Script allows SQL Injection via the 'status_id' ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits