[Secure-testing-commits] r22220 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Fri May 10 08:55:01 UTC 2013
Author: carnil
Date: 2013-05-10 08:55:01 +0000 (Fri, 10 May 2013)
New Revision: 22220
Modified:
data/CVE/list
Log:
add two more tomcat issues, according to advisories potentially already fixed in some versions (check and mark in tracker accordingly)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-10 08:45:48 UTC (rev 22219)
+++ data/CVE/list 2013-05-10 08:55:01 UTC (rev 22220)
@@ -3174,8 +3174,11 @@
RESERVED
CVE-2013-2068
RESERVED
-CVE-2013-2067
+CVE-2013-2067 [Session fixation with FORM authenticator]
RESERVED
+ - tomcat7 <unfixed>
+ - tomcat6 <unfixed>
+ TODO: check and fill bug
CVE-2013-2066
RESERVED
CVE-2013-2065
@@ -16125,8 +16128,11 @@
- tomcat6 6.0.35-6 (bug #695250)
CVE-2012-3545
RESERVED
-CVE-2012-3544
+CVE-2012-3544 [Chunked transfer encoding extension size is not limited]
RESERVED
+ - tomcat6 <unfixed>
+ - tomcat7 <unfixed>
+ TODO: check and fill bug
CVE-2012-3543
RESERVED
- mono 2.10.8.1-7 (bug #686562)
More information about the Secure-testing-commits
mailing list