Author: carnil
Date: 2017-11-18 13:05:57 +0000 (Sat, 18 Nov 2017)
New Revision: 57780
Modified:
data/CVE/list
Log:
Add CVE-2017-1000190/simple-xml
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-18 13:05:45 UTC (rev 57779)
+++ data/CVE/list 2017-11-18 13:05:57 UTC (rev 57780)
@@ -9,7 +9,8 @@
CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script
injections ...)
TODO: check
CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE
vulnerability ...)
- TODO: check
+ - simple-xml <unfixed>
+ NOTE: https://github.com/ngallagher/simplexml/issues/18
CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0
through ...)
TODO: check
CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000
parser ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits