[Git][security-tracker-team/security-tracker][master] automatic update

Sun, 22 Jul 2018 01:21:55 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b48f0348 by security tracker role at 2018-07-22T08:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -40814,6 +40814,7 @@ CVE-2017-16792 (Stored cross-site scripting (XSS) 
vulnerability in "geminab
 CVE-2017-16791
        RESERVED
 CVE-2017-16790 [Ensure that submitted data are uploaded files]
+       RESERVED
        - symfony 3.4.0+dfsg-1
        NOTE: 
https://symfony.com/blog/cve-2017-16790-ensure-that-submitted-data-are-uploaded-files
        NOTE: https://github.com/symfony/symfony/pull/24993
@@ -41126,10 +41127,12 @@ CVE-2017-16656
 CVE-2017-16655
        RESERVED
 CVE-2017-16654 [Intl bundle readers breaking out of paths]
+       RESERVED
        - symfony 3.4.0+dfsg-1
        NOTE: 
https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths
        NOTE: https://github.com/symfony/symfony/pull/24994
 CVE-2017-16653 [CSRF protection does not use different tokens for HTTP and 
HTTPS]
+       RESERVED
        - symfony 3.4.0+dfsg-1
        NOTE: 
https://symfony.com/blog/cve-2017-16653-csrf-protection-does-not-use-different-tokens-for-http-and-https
        NOTE: https://github.com/symfony/symfony/pull/24992
@@ -57169,6 +57172,7 @@ CVE-2017-11367 (The shoco_decompress function in the 
API in shoco through 2017-0
 CVE-2017-11366 (components/filemanager/class.filemanager.php in Codiad before 
2.8.4 is ...)
        NOT-FOR-US: Codiad
 CVE-2017-11365 [Empty passwords validation issue]
+       RESERVED
        - symfony <not-affected> (introduced in versions that were never 
packaged in Debian)
        NOTE: 
https://symfony.com/blog/cve-2017-11365-empty-passwords-validation-issue
 CVE-2017-11364 (The CMS installer in Joomla! before 3.7.4 does not verify a 
user's ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b48f03488ae2aa8db91078e8fd776e9d015e4b55

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b48f03488ae2aa8db91078e8fd776e9d015e4b55
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to