[Secure-testing-commits] r41562 - data/CVE

Salvatore Bonaccorso Mon, 09 May 2016 07:14:51 -0700

Author: carnil
Date: 2016-05-09 14:13:53 +0000 (Mon, 09 May 2016)
New Revision: 41562


Modified:
   data/CVE/list
Log:
Mark CVE-2016-2785/puppet as not-affected

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-05-09 12:34:50 UTC (rev 41561)
+++ data/CVE/list       2016-05-09 14:13:53 UTC (rev 41562)
@@ -4851,9 +4851,9 @@
        RESERVED
 CVE-2016-2785 [incorrect URL decoding]
        RESERVED
-       - puppet <unfixed>
+       - puppet <not-affected> (Vulnerable code only in 4.x)
        NOTE: https://puppet.com/security/cve/cve-2016-2785
-       TODO: check versions, fixed in Puppet 4.4.2, possibly only 4.x
+       NOTE: 
https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2
 CVE-2016-2784
        RESERVED
 CVE-2015-8818


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r41562 - data/CVE

Reply via email to