[Git][security-tracker-team/security-tracker][master] Process zulip-server CVEs, itp'ed, #800052

Wed, 18 Apr 2018 22:43:17 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
872f1e82 by Salvatore Bonaccorso at 2018-04-19T07:42:14+02:00
Process zulip-server CVEs, itp'ed, #800052

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -432,7 +432,7 @@ CVE-2018-10020
 CVE-2018-10019
        RESERVED
 CVE-2018-9999 (In Zulip Server versions before 1.7.2, there was an XSS issue 
with user ...)
-       TODO: check
+       - zulip-server <itp> (bug #800052)
 CVE-2018-9998
        RESERVED
 CVE-2018-9997
@@ -454,7 +454,7 @@ CVE-2018-9992 (Frog CMS 0.9.5 has XSS via the name field of 
a new &quot;File&quo
 CVE-2018-9991 (Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or 
Username ...)
        NOT-FOR-US: Frog CMS
 CVE-2018-9990 (In Zulip Server versions before 1.7.2, there was an XSS issue 
with ...)
-       TODO: check
+       - zulip-server <itp> (bug #800052)
 CVE-2018-10018
        RESERVED
 CVE-2018-10017 (soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and 
libopenmpt before ...)
@@ -527,9 +527,9 @@ CVE-2018-9988 (ARM mbed TLS before 2.1.11, before 2.7.2, 
and before 2.8.0 has a 
        NOTE: 
https://github.com/ARMmbed/mbedtls/commit/a1098f81c252b317ad34ea978aea2bc47760b215
        NOTE: 
https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released
 CVE-2018-9987 (In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, 
there ...)
-       TODO: check
+       - zulip-server <itp> (bug #800052)
 CVE-2018-9986 (In Zulip Server versions before 1.7.2, there were XSS issues 
with the ...)
-       TODO: check
+       - zulip-server <itp> (bug #800052)
 CVE-2018-9985 (The front page of MetInfo 6.0 allows XSS by sending a feedback 
message ...)
        NOT-FOR-US: MetInfo
 CVE-2018-9984



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/872f1e82f004e69e4b08358bac01dff4ca2761db

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/872f1e82f004e69e4b08358bac01dff4ca2761db
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to