[Secure-testing-commits] r39914 - data/CVE

Thu, 25 Feb 2016 02:14:09 -0800 

Author: lamby
Date: 2016-02-25 10:13:55 +0000 (Thu, 25 Feb 2016)
New Revision: 39914

Modified:
   data/CVE/list
Log:
Triage drupal6 for LTS

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-02-25 10:04:41 UTC (rev 39913)
+++ data/CVE/list       2016-02-25 10:13:55 UTC (rev 39914)
@@ -11,37 +11,44 @@
 CVE-2016-XXXX [Brute force amplification attacks via XML-RPC]
        - drupal7 <unfixed>
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [Open redirect via path manipulation]
        - drupal8 <itp> (bug #756305)
        - drupal7 <unfixed>
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [Form API ignores access restrictions on submit buttons]
        - drupal7 <not-affected> (Only affects Drupal 6)
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [HTTP header injection using line breaks]
        - drupal7 <not-affected> (Only affects Drupal 6)
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [Open redirect via double-encoded 'destination' parameter]
        - drupal7 <not-affected> (Only affects Drupal 6)
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [Reflected file download vulnerability]
        - drupal7 <unfixed>
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [Saving user accounts can sometimes grant the user all roles]
        - drupal7 <unfixed>
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-XXXX [Email address can be matched to an account]
@@ -53,6 +60,7 @@
 CVE-2016-XXXX [Session data truncation can lead to unserialization of user 
provided data]
        - drupal7 <not-affected> (Only affects Drupal 6)
        - drupal6 <removed>
+       [squeeze] - drupal6 <end-of-life>
        NOTE: https://www.drupal.org/SA-CORE-2016-001
        TODO: check
 CVE-2016-2541


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to