[Secure-testing-commits] r15887 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun Jan 16 00:57:02 UTC 2011
Author: jmm
Date: 2011-01-16 00:57:00 +0000 (Sun, 16 Jan 2011)
New Revision: 15887
Modified:
data/CVE/list
Log:
tomcat6 fairly limited in lenny, thus not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-01-16 00:55:08 UTC (rev 15886)
+++ data/CVE/list 2011-01-16 00:57:00 UTC (rev 15887)
@@ -1881,7 +1881,7 @@
NOT-FOR-US: Orbis CMS
CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
- tomcat6 <unfixed> (unimportant; bug #608286)
- NOTE: S
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
NOT-FOR-US: Free Simple Software
CVE-2010-4310
@@ -2258,6 +2258,7 @@
- libsdp 1.1.99-2.1 (bug #603841)
CVE-2010-4172 (Multiple cross-site scripting (XSS) vulnerabilities in the Manager ...)
- tomcat6 6.0.28-9 (bug #606388)
+ [lenny] - tomcat6 <not-affected> (Only ships the servlet package)
CVE-2010-4171 (The staprun runtime tool in SystemTap 1.3 does not verify that a ...)
- systemtap 1.2-3 (bug #603946)
CVE-2010-4170 (The staprun runtime tool in SystemTap 1.3 does not properly clear the ...)
More information about the Secure-testing-commits
mailing list