[Secure-testing-commits] r23761 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Sun Sep 22 19:17:23 UTC 2013


Author: carnil
Date: 2013-09-22 19:17:23 +0000 (Sun, 22 Sep 2013)
New Revision: 23761

Modified:
   data/CVE/list
Log:
Add two CVE items for struts

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-22 18:59:38 UTC (rev 23760)
+++ data/CVE/list	2013-09-22 19:17:23 UTC (rev 23761)
@@ -3576,6 +3576,8 @@
 	RESERVED
 CVE-2013-4316
 	RESERVED
+	- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
+	NOTE: http://struts.apache.org/release/2.3.x/docs/s2-019.html
 CVE-2013-4315 (Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x ...)
 	{DSA-2755-1}
 	- python-django 1.5.3-1 (bug #722605)
@@ -3593,6 +3595,8 @@
 	NOTE: polkit support not activated in Debian build, will be fixed in point update
 CVE-2013-4310
 	RESERVED
+	- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
+	NOTE: http://struts.apache.org/release/2.3.x/docs/s2-018.html
 CVE-2013-4309
 	RESERVED
 CVE-2013-4308 (Cross-site scripting (XSS) vulnerability in ...)




More information about the Secure-testing-commits mailing list