On Sun, Jun 21, 2015 at 02:56:36PM +0200, Hilko Bengen wrote:
> * Salvatore Bonaccorso:
>
> > Did you had a chance to get more details on it?
>
> ,[ http://seclists.org/bugtraq/2015/Jun/53 ]
> | Elasticsearch versions 1.0.0 - 1.5.2 are vulnerable to an engineered
> | attack on other applicati
* Salvatore Bonaccorso:
> Did you had a chance to get more details on it?
,[ http://seclists.org/bugtraq/2015/Jun/53 ]
| Elasticsearch versions 1.0.0 - 1.5.2 are vulnerable to an engineered
| attack on other applications on the system. The snapshot API may be used
| indirectly to place snapsh
Hi Hilko
On Fri, Jun 12, 2015 at 01:45:15PM +0200, Salvatore Bonaccorso wrote:
> Hi Hilko,
>
> On Fri, Jun 12, 2015 at 01:30:28PM +0200, Hilko Bengen wrote:
> > Control: tags -1 moreinfo
> >
> > * Salvatore Bonaccorso:
> >
> > > Source: elasticsearch
> > > Version: 1.0.3+dfsg-5
> > > Severity:
Hi Hilko,
On Fri, Jun 12, 2015 at 01:30:28PM +0200, Hilko Bengen wrote:
> Control: tags -1 moreinfo
>
> * Salvatore Bonaccorso:
>
> > Source: elasticsearch
> > Version: 1.0.3+dfsg-5
> > Severity: grave
> > Tags: security upstream fixed-upstream
>
> Where exactly has it been fixed upstream? A gi
Control: tags -1 moreinfo
* Salvatore Bonaccorso:
> Source: elasticsearch
> Version: 1.0.3+dfsg-5
> Severity: grave
> Tags: security upstream fixed-upstream
Where exactly has it been fixed upstream? A git coommit id would be
helpful.
Cheers,
-Hilko
--
To UNSUBSCRIBE, email to debian-bugs-dis
Source: elasticsearch
Version: 1.0.3+dfsg-5
Severity: grave
Tags: security upstream fixed-upstream
Hi,
the following vulnerability was published for elasticsearch.
Unfortunately the available information is a bit sparse, thus filling
with initial severity grave.
CVE-2015-4165[0]:
unspecified arb
6 matches
Mail list logo