[Secure-testing-commits] r24039 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Oct 17 05:38:28 UTC 2013
Author: jmm
Date: 2013-10-17 05:38:27 +0000 (Thu, 17 Oct 2013)
New Revision: 24039
Modified:
data/CVE/list
Log:
one more polarssl issue fixed
new libcommons-fileupload-java issue (concludes external check)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-10-17 05:36:17 UTC (rev 24038)
+++ data/CVE/list 2013-10-17 05:38:27 UTC (rev 24039)
@@ -9546,6 +9546,7 @@
RESERVED
CVE-2013-2186
RESERVED
+ - libcommons-fileupload-java <unfixed>
CVE-2013-2185 [tomcat: arbitrary file upload via deserialization]
RESERVED
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
@@ -64119,7 +64120,7 @@
- tomcat-native 1.1.18-1
[lenny] - tomcat-native <no-dsa> (Minor issue)
- gnutls26 <not-affected> (safely handles renegotiation; however support for RFC 5746 would be useful)
- - polarssl <undetermined> (bug #704946)
+ - polarssl 1.3.1-1 (bug #704946)
- classpath <removed>
- zorp 3.9.2-1
[squeeze] - zorp <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list