diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-26 07:41:09 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-26 07:41:09 +0000 |
commit | 291da533f6c228d2238198d3cbdf4610ef9a57a0 (patch) | |
tree | 4bd70320ec9b3c385cb4eb950ea09d804f7ffadb | |
parent | 5344e5af9fe617db5056b4a4cf904f6fa3eb5c87 (diff) |
Mark dolibarr issues as no-dsa
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58924 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list.2017 | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index 6716c650e5..f3dbff87b2 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 @@ -18,16 +18,24 @@ CVE-2017-17901 RESERVED CVE-2017-17900 (SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM ...) - dolibarr <unfixed> + [stretch] - dolibarr <no-dsa> (Minor issue) + [jessie] - dolibarr <no-dsa> (Minor issue) NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c CVE-2017-17899 (SQL injection vulnerability in adherents/subscription/info.php in ...) - dolibarr <unfixed> + [stretch] - dolibarr <no-dsa> (Minor issue) + [jessie] - dolibarr <no-dsa> (Minor issue) NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c CVE-2017-17898 (Dolibarr ERP/CRM version 6.0.4 does not block direct requests to ...) - dolibarr <unfixed> + [stretch] - dolibarr <no-dsa> (Minor issue) + [jessie] - dolibarr <no-dsa> (Minor issue) NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c NOTE: https://github.com/Dolibarr/dolibarr/commit/6a62e139604dbbd5729e57df2433b37a5950c35c CVE-2017-17897 (SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM ...) - dolibarr <unfixed> + [stretch] - dolibarr <no-dsa> (Minor issue) + [jessie] - dolibarr <no-dsa> (Minor issue) NOTE: https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c CVE-2017-17896 (Readymade Job Site Script has XSS via the keyword parameter to the /job ...) NOT-FOR-US: Readymade Job Site Script |