[Secure-testing-commits] r15278 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon Sep 6 23:51:36 UTC 2010
Author: gilbert-guest
Date: 2010-09-06 23:51:36 +0000 (Mon, 06 Sep 2010)
New Revision: 15278
Modified:
data/CVE/list
Log:
struts issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-06 23:51:25 UTC (rev 15277)
+++ data/CVE/list 2010-09-06 23:51:36 UTC (rev 15278)
@@ -3359,7 +3359,9 @@
CVE-2010-1871 (JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in Struts ...)
- TODO: Check, there's libstruts1.2-java and libspring-webmvc-struts-2.5-java, which could be affected
+ - libstruts1.2-java <not-affected> (issue involves a problem in xwork, which was introduced in struts2)
+ - libspring-webmvc-struts-2.5-java <undetermined>
+ TODO: check
CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...)
{DSA-2080-1}
- ghostscript 8.71~dfsg-4
More information about the Secure-testing-commits
mailing list