Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7a59a642 by Markus Koschany at 2018-01-12T23:07:39+01:00 CVE-2016-10510,libkohana2-php: Wheezy and Jessie are affected Vulnerable function is in system/helpers/security.php. Upstream fix is to remove strip_image_tags completely. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -23241,7 +23241,7 @@ CVE-2017-14053 (NetApp OnCommand Unified Manager for Clustered Data ONTAP before CVE-2017-14052 RESERVED CVE-2016-10510 (Cross-site scripting (XSS) vulnerability in the Security component of ...) - - libkohana2-php <undetermined> + - libkohana2-php NOTE: https://github.com/kohana/kohana/issues/107 NOTE: Fixed by https://github.com/kohana/core/pull/697 CVE-2016-10509 (SQL injection vulnerability in the updateAmazonOrderTracking function ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a59a642aaf65168d39c0caff0e179acf409437b --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a59a642aaf65168d39c0caff0e179acf409437b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits