Commit ecbb1a68 authored by Salvatore Bonaccorso's avatar Salvatore Bonaccorso

Mark CVE-2019-8937 as fixed in unstable

Marco De Santis (upstream) of hoteldruid confirmed in #929136 that the
issues covered by CVE-2019-8937 are adressed as well already in 2.3.2.

When checking I did not found at least the change for nsextt but that
might have been an oversight on my end. Follow the upstream confirmation
and mark it as fixed in 2.3.2-1.
parent 152bfb54
......@@ -8732,7 +8732,7 @@ CVE-2019-8939 (data/interfaces/default/history.html in Tautulli 2.1.26 has XSS v
CVE-2019-8938 (VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter ...)
NOT-FOR-US: VertrigoServ
CVE-2019-8937 (HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, ori ...)
- hoteldruid <unfixed> (bug #929136)
- hoteldruid 2.3.2-1 (bug #929136)
[stretch] - hoteldruid <no-dsa> (Minor issue)
NOTE: https://www.exploit-db.com/exploits/46429/
CVE-2019-8936 (NTP through 4.2.8p12 has a NULL Pointer Dereference. ...)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment