[Secure-testing-commits] r54572 - data/CVE

Salvatore Bonaccorso Thu, 10 Aug 2017 13:25:56 -0700

Author: carnil
Date: 2017-08-10 20:05:45 +0000 (Thu, 10 Aug 2017)
New Revision: 54572


Modified:
   data/CVE/list
Log:
Add reported bugs for mercurial

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-10 19:50:33 UTC (rev 54571)
+++ data/CVE/list       2017-08-10 20:05:45 UTC (rev 54572)
@@ -1,11 +1,11 @@
 CVE-2017-1000117
        - git 1:2.14.1-1
        NOTE: 
https://public-inbox.org/git/xmqqh8xf482j....@gitster.mtv.corp.google.com/T/#u
-CVE-2017-1000116
-       - mercurial <unfixed>
+CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
+       - mercurial <unfixed> (bug #871710)
        NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
-CVE-2017-1000115
-       - mercurial <unfixed>
+CVE-2017-1000115 [path traversal via symlink]
+       - mercurial <unfixed> (bug #871709)
        NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
 CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via 
some ...)
        NOT-FOR-US: NexusPHP


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r54572 - data/CVE

Reply via email to