[Secure-testing-commits] r23006 - in data: . CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2013-07-18 18:20:43 +0000 (Thu, 18 Jul 2013)
New Revision: 23006

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
tomcat6 DSA has been released


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-18 17:42:05 UTC (rev 23005)
+++ data/CVE/list	2013-07-18 18:20:43 UTC (rev 23006)
@@ -13901,12 +13901,18 @@
 	NOT-FOR-US: Typo3 extension (seo_basics)
 CVE-2012-5887 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
 	- tomcat6 6.0.35-5+nmu1 (bug #692439)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 	- tomcat7 7.0.28-3+nmu1 (bug #692440)
 CVE-2012-5886 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
 	- tomcat6 6.0.35-5+nmu1 (bug #692439)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 	- tomcat7 7.0.28-3+nmu1 (bug #692440)
 CVE-2012-5885 (The replay-countermeasure functionality in the HTTP Digest Access ...)
 	- tomcat6 6.0.35-5+nmu1 (bug #692439)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 	- tomcat7 7.0.28-3+nmu1 (bug #692440)
 CVE-2011-5244 (Multiple off-by-one errors in the (1) token and (2) linetoken ...)
 	{DSA-2357-1}
@@ -17712,6 +17718,8 @@
 CVE-2012-4534 (org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x ...)
 	- tomcat7 7.0.28-1 (bug #695251)
 	- tomcat6 6.0.35-6 (bug #695250)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 CVE-2012-4533 (Cross-site scripting (XSS) vulnerability in the "extra" details in the ...)
 	{DSA-2563-1}
 	- viewvc 1.1.5-1.4 (low; bug #691062)
@@ -18019,6 +18027,8 @@
 CVE-2012-4431 (org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat ...)
 	- tomcat7 7.0.28-4 (bug #695251)
 	- tomcat6 6.0.35-6 (bug #695250)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 CVE-2012-4430 (The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 ...)
 	{DSA-2558-1}
 	- bacula 5.2.6+dfsg-4 (bug #687923)
@@ -20250,6 +20260,8 @@
 CVE-2012-3546 (org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before ...)
 	- tomcat7 7.0.28-4 (bug #695251)
 	- tomcat6 6.0.35-6 (bug #695250)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 CVE-2012-3545
 	RESERVED
 CVE-2012-3544 (Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not ...)
@@ -22389,6 +22401,8 @@
 	NOT-FOR-US: Cumin
 CVE-2012-2733 (java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP ...)
 	- tomcat6 6.0.35-5+nmu1 (bug #692439)
+	[squeeze] - tomcat6 6.0.35-1+squeeze3
+	NOTE: DSA 2725
 	- tomcat7 7.0.28-1 (bug #692440)
 CVE-2012-2732
 	REJECTED

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2013-07-18 17:42:05 UTC (rev 23005)
+++ data/dsa-needed.txt	2013-07-18 18:20:43 UTC (rev 23006)
@@ -78,11 +78,10 @@
 --
 sssd/oldstable
 --
-tomcat6 (jmm)
---
 tomcat7/stable (jmm)
 --
 vlc
   it probably makes sense to update to the 2.0.x point releases
 --
 xen
+