Author: carnil
Date: 2017-04-06 04:28:02 +0000 (Thu, 06 Apr 2017)
New Revision: 50390
Modified:
data/CVE/list
Log:
Correct apt-cacher(-ng) CVE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-05 22:03:30 UTC (rev 50389)
+++ data/CVE/list 2017-04-06 04:28:02 UTC (rev 50390)
@@ -1,7 +1,5 @@
CVE-2017-7444 (In Veritas System Recovery before 16 SP1, there is a DLL
hijacking ...)
TODO: check
-CVE-2017-7443 (apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow
HTTP ...)
- TODO: check
CVE-2017-7442
RESERVED
CVE-2017-7441
@@ -26087,15 +26085,13 @@
NOTE: https://github.com/uclouvain/openjpeg/issues/843
NOTE: PoC:
https://github.com/STARLABSEC/pocs/raw/master/openjpeg-nullptr-github-issue-842.ppm
NOTE: No code injection, function only exposed in the CLI tool
-CVE-2016-7443 [apt-cacher http response splitting]
+CVE-2017-7443 [apt-cacher http response splitting]
RESERVED
- apt-cacher-ng 3-1 (bug #858833)
[jessie] - apt-cacher-ng <no-dsa> (Minor issue)
[wheezy] - apt-cacher-ng <no-dsa> (Minor issue)
- apt-cacher 1.7.15 (bug #858739)
[jessie] - apt-cacher <no-dsa> (Minor issue)
- [wheezy] - apt-cacher 1.7.6+deb7u1
- NOTE: Workaround entry for DLA-873-1 since no CVE assigned
CVE-2016-7442 (The Frontend component in Sophos UTM with firmware 9.405-5 and
earlier ...)
NOT-FOR-US: Sophos UTM
CVE-2016-7441
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
