[Secure-testing-commits] r10096 - data/CVE

stef-guest at alioth.debian.org stef-guest at alioth.debian.org
Wed Oct 15 19:29:08 UTC 2008


Author: stef-guest
Date: 2008-10-15 19:29:07 +0000 (Wed, 15 Oct 2008)
New Revision: 10096

Modified:
   data/CVE/list
Log:
tomcat non-issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-15 19:13:17 UTC (rev 10095)
+++ data/CVE/list	2008-10-15 19:29:07 UTC (rev 10096)
@@ -3120,7 +3120,9 @@
 	- linux-2.6 2.6.26-2
 	NOTE: 82e68f7ffec3800425f2391c8c86277606860442
 CVE-2008-3271 (Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers ...)
-	TODO: check
+	- tomcat5 <removed> (unimportant)
+	- tomcat6 <not-affected>
+	NOTE: It is unlikely that this is exploitable in real world scenarios.
 CVE-2008-3270 (yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify ...)
 	NOT-FOR-US: Red Hat
 CVE-2008-3269 (WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full ...)




More information about the Secure-testing-commits mailing list