[Secure-testing-commits] r20084 - data/CVE

Mon Sep 3 10:38:25 UTC 2012

Author: jmm
Date: 2012-09-03 10:38:24 +0000 (Mon, 03 Sep 2012)
New Revision: 20084

Modified:
   data/CVE/list
Log:
one struts issue is in tiles (already fixed in stable)
one struts issue don't affect struts 1.2


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-09-03 10:33:22 UTC (rev 20083)
+++ data/CVE/list	2012-09-03 10:38:24 UTC (rev 20084)
@@ -50484,11 +50484,9 @@
 CVE-2009-1276 (XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2009-1275 (Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other ...)
-	- libstruts1.2-java <undetermined>
-	TODO: check
+	- tiles 2.2.0-1
 CVE-2008-6682 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts ...)
-	- libstruts1.2-java <undetermined>
-	TODO: check
+	- libstruts1.2-java <not-affected> (Only affects Struts 2)
 CVE-2008-6681 (Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo ...)
 	NOT-FOR-US: Dojo
 CVE-2007-6726 (Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and ...)


