Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1671216f by Salvatore Bonaccorso at 2018-02-23T15:09:00+01:00
Add four web2py issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -88834,7 +88834,7 @@ CVE-2016-3960 (Integer overflow in the x86 shadow 
pagetable code in Xen allows l
        - xen 4.8.0~rc3-1 (bug #823620)
        NOTE: http://xenbits.xen.org/xsa/advisory-173.html
 CVE-2016-3957 (The secure_load function in gluon/utils.py in web2py before 
2.14.2 ...)
-       TODO: check
+       - web2py <unfixed>
 CVE-2016-3956 (The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in 
Node.js ...)
        - npm <unfixed> (bug #850322)
        [jessie] - npm <no-dsa> (Minor issue)
@@ -88842,11 +88842,11 @@ CVE-2016-3956 (The CLI in npm before 2.15.1 and 3.x 
before 3.8.3, as used in Nod
        NOTE: 
https://github.com/npm/npm/commit/fea8cc92cee02c720b58f95f14d315507ccad401 
(2.15.1)
        NOTE: 
https://github.com/npm/npm/commit/f67ecad59e99a03e5aad8e93cd1a086ae087cb29 
(3.8.3)
 CVE-2016-3954 (web2py before 2.14.2 allows remote attackers to obtain the ...)
-       TODO: check
+       - web2py <unfixed>
 CVE-2016-3953 (The sample web application in web2py before 2.14.2 might allow 
remote ...)
-       TODO: check
+       - web2py <unfixed>
 CVE-2016-3952 (web2py before 2.14.1, when using the standalone version, allows 
remote ...)
-       TODO: check
+       - web2py <unfixed>
 CVE-2016-3951 (Double free vulnerability in drivers/net/usb/cdc_ncm.c in the 
Linux ...)
        {DSA-3607-1 DLA-516-1}
        - linux 4.5.1-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1671216f3d500692fffe4eeae56d4a528797869a

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1671216f3d500692fffe4eeae56d4a528797869a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to