Author: ghedo
Date: 2016-01-27 11:57:31 +0000 (Wed, 27 Jan 2016)
New Revision: 39229
Modified:
data/CVE/list
Log:
Add curl entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-27 09:40:52 UTC (rev 39228)
+++ data/CVE/list 2016-01-27 11:57:31 UTC (rev 39229)
@@ -3810,10 +3810,17 @@
RESERVED
CVE-2016-0756
RESERVED
-CVE-2016-0755
+CVE-2016-0755 [NTLM credentials not-checked for proxy connection re-use]
RESERVED
-CVE-2016-0754
+ - curl 7.47.0-1
+ [wheezy] - curl <no-dsa> (Too intrusive to backport)
+ NOTE: http://curl.haxx.se/docs/adv_20160127A.html
+CVE-2016-0754 [remote file name path traversal in curl tool for Windows]
RESERVED
+ - curl <not-affected> (Windows only)
+ [jessie] - curl <not-affected> (Windows only)
+ [wheezy] - curl <not-affected> (Windows only)
+ NOTE: http://curl.haxx.se/docs/adv_20160127B.html
CVE-2016-0753 [Possible Input Validation Circumvention in Active Model]
RESERVED
- rails <unfixed>
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
