Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
98e207c2 by Salvatore Bonaccorso at 2018-01-14T20:45:16+01:00
Order entries top-down
- - - - -
04bdf582 by Salvatore Bonaccorso at 2018-01-14T20:51:33+01:00
Add bug reference for CVE-2017-14804: #887306
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -691,8 +691,8 @@ CVE-2016-10705 (The Jetpack plugin before 4.0.4 for
WordPress has XSS via the Li
NOT-FOR-US: WordPress plugin jetpack
CVE-2018-XXXX [rpc session-id mechanism design flaw results in RCE]
- transmission <unfixed> (bug #886990)
- [jessie] - transmission 2.84-0.2+deb8u1
[stretch] - transmission 2.92-2+deb9u1
+ [jessie] - transmission 2.84-0.2+deb8u1
NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1
NOTE: https://github.com/transmission/transmission/pull/468
NOTE: Proposed patch:
https://patch-diff.githubusercontent.com/raw/transmission/transmission/pull/468.diff
@@ -21328,7 +21328,7 @@ CVE-2017-14805
RESERVED
CVE-2017-14804 [build: Exploit extractbuild to write to files in the host
system]
RESERVED
- - obs-build <unfixed>
+ - obs-build <unfixed> (bug #887306)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1069904
CVE-2017-14803
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/cbbd72b1f9d689d143d6eef0756d34f1253ab078...04bdf5826e0bd81c25a5248c56b96bdd737ea3a1
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/cbbd72b1f9d689d143d6eef0756d34f1253ab078...04bdf5826e0bd81c25a5248c56b96bdd737ea3a1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
