[Secure-testing-commits] r13851 - in data: . CVE

[Michael Gilbert]

Author: gilbert-guest
Date: 2010-01-18 02:20:57 +0000 (Mon, 18 Jan 2010)
New Revision: 13851

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
openjdk embeds libxerces2-java and libxerces2-java is affected has CVE-2009-2625 vulnerable code

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-18 00:42:21 UTC (rev 13850)
+++ data/CVE/list	2010-01-18 02:20:57 UTC (rev 13851)
@@ -6985,6 +6985,7 @@
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
 	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
+        - libxerces2-java <unfixed>
 CVE-2009-2624
 	RESERVED
 CVE-2009-2623

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-01-18 00:42:21 UTC (rev 13850)
+++ data/embedded-code-copies	2010-01-18 02:20:57 UTC (rev 13851)
@@ -1720,3 +1720,6 @@
 
 antlr
 	- kdevelop <unfixed> (embed)
+
+libxerces2
+        - openjdk-6 <unfixed> (embed)