[Secure-testing-commits] r8155 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Feb 13 21:12:57 UTC 2008
Author: nion
Date: 2008-02-13 21:12:56 +0000 (Wed, 13 Feb 2008)
New Revision: 8155
Modified:
data/CVE/list
Log:
CVE-2007-6286 does not affect tomcat5.5, tomcat5 removed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-13 20:48:55 UTC (rev 8154)
+++ data/CVE/list 2008-02-13 21:12:56 UTC (rev 8155)
@@ -2556,9 +2556,8 @@
CVE-2007-6287 (Cross-site scripting (XSS) vulnerability in the login page in Lxlabs ...)
NOT-FOR-US: HyperVM
CVE-2007-6286 (Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the ...)
- TODO: check
- NOTE: poked maintainer if we make use of the apr backend, I guess not because
- NOTE: libapr is not the build-deps
+ - tomcat5.5 <not-affected> (Does not use apr connector)
+ - tomcat5 <removed>
CVE-2007-6285 (The default configuration for autofs 5 (autofs5) in some Linux ...)
NOTE: maintainer will patch autofs5 in upload to unstable
TODO: check when autofs5 hits unstable
More information about the Secure-testing-commits
mailing list