Author: carnil Date: 2017-11-20 20:28:50 +0000 (Mon, 20 Nov 2017) New Revision: 57866
Modified: data/CVE/list Log: Mark CVE-2017-16641/cacti as no-dsa Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-20 20:08:15 UTC (rev 57865) +++ data/CVE/list 2017-11-20 20:28:50 UTC (rev 57866) @@ -1031,6 +1031,8 @@ NOTE: affected code was introduced in the 1.x release CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...) - cacti 1.1.27+ds1-3 (bug #881110) + [stretch] - cacti <no-dsa> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream) + [jessie] - cacti <no-dsa> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream) NOTE: https://github.com/Cacti/cacti/issues/1057 NOTE: https://github.com/Cacti/cacti/commit/e8088bb6593e6a49d000c342d17402f01db8740e CVE-2017-16640 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits