[Secure-testing-commits] r49166 - data/CVE

Markus Koschany Thu, 23 Feb 2017 21:52:44 -0800

Author: apo
Date: 2017-02-24 05:51:56 +0000 (Fri, 24 Feb 2017)
New Revision: 49166


Modified:
   data/CVE/list
Log:
CVE-2016-4793,cakephp: Add notes and link to patch.


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-02-24 05:48:40 UTC (rev 49165)
+++ data/CVE/list       2017-02-24 05:51:56 UTC (rev 49166)
@@ -31864,6 +31864,9 @@
        RESERVED
 CVE-2016-4793 (The clientIp function in CakePHP 3.2.4 and earlier allows 
remote ...)
        - cakephp 2.8.3-1
+       NOTE: 
http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
+       NOTE: 
https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
+       NOTE: Fixed by 
https://github.com/cakephp/cakephp/commit/48af49ddde16c8b99edb701f1c31283455b2b0b6
 CVE-2016-4792 (Pulse Connect Secure (PCS) 8.2 before 8.2r1 allows remote 
attackers to ...)
        NOT-FOR-US: Pulse Connect Secure
 CVE-2016-4791 (The administrative user interface in Pulse Connect Secure (PCS) 
8.2 ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r49166 - data/CVE

Reply via email to