Author: fgeek-guest Date: 2017-11-15 07:19:41 +0000 (Wed, 15 Nov 2017) New Revision: 57647
Modified: data/CVE/list Log: CVE-2017-1001001/pluxml verified, bug submitted Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-15 06:41:59 UTC (rev 57646) +++ data/CVE/list 2017-11-15 07:19:41 UTC (rev 57647) @@ -1147,9 +1147,8 @@ NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=7292230dd185 NOTE: https://blogs.securiteam.com/index.php/archives/3494 CVE-2017-1001001 (PluXml version 5.6 is vulnerable to stored cross-site scripting ...) - - pluxml <unfixed> + - pluxml <unfixed> (bug #881796) NOTE: https://github.com/pluxml/PluXml/issues/253 - TODO: check CVE-2017-1000244 (Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF ...) NOT-FOR-US: Jenkins plugin CVE-2017-1000243 (Jenkins Favorite Plugin 2.1.4 and older does not perform permission ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits