[Secure-testing-commits] r20078 - data/CVE
Henri Salo
fgeek-guest at alioth.debian.org
Sun Sep 2 15:57:21 UTC 2012
Author: fgeek-guest
Date: 2012-09-02 15:57:21 +0000 (Sun, 02 Sep 2012)
New Revision: 20078
Modified:
data/CVE/list
Log:
CVE-2012-4386, CVE-2012-4387: apache struts issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-02 14:13:45 UTC (rev 20077)
+++ data/CVE/list 2012-09-02 15:57:21 UTC (rev 20078)
@@ -921,10 +921,16 @@
RESERVED
CVE-2012-4388
RESERVED
-CVE-2012-4387
+CVE-2012-4387 [Apache Struts DoS]
RESERVED
-CVE-2012-4386
+ NOTE: check
+ NOTE: http://www.openwall.com/lists/oss-security/2012/09/01/4
+ NOTE: http://struts.apache.org/2.x/docs/s2-011.html
+CVE-2012-4386 [Apache Struts CSRF protection bypass]
RESERVED
+ TODO: check
+ NOTE: http://www.openwall.com/lists/oss-security/2012/09/01/4
+ NOTE: http://struts.apache.org/2.x/docs/s2-010.html
CVE-2012-4385 [letodms CSRF]
RESERVED
- letodms 3.3.7+dfsg-1
More information about the Secure-testing-commits
mailing list