[Secure-testing-commits] r17988 - data/CVE
Luk Claes
luk at alioth.debian.org
Mon Jan 2 06:47:16 UTC 2012
Author: luk
Date: 2012-01-02 06:47:15 +0000 (Mon, 02 Jan 2012)
New Revision: 17988
Modified:
data/CVE/list
Log:
confirmed libspring-2.5-java not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-02 06:39:26 UTC (rev 17987)
+++ data/CVE/list 2012-01-02 06:47:15 UTC (rev 17988)
@@ -22658,8 +22658,7 @@
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in Struts ...)
- libstruts1.2-java <not-affected> (issue involves a problem in xwork, which was introduced in struts2)
- - libspring-2.5-java <undetermined>
- TODO: check
+ - libspring-2.5-java <not-affected> (Vulnerable code not present)
CVE-2010-1869 (Stack-based buffer overflow in the parser function in GhostScript 8.70 ...)
{DSA-2080-1}
- ghostscript 8.71~dfsg-4
More information about the Secure-testing-commits
mailing list