[Secure-testing-commits] r26715 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Apr 26 13:44:25 UTC 2014


Author: carnil
Date: 2014-04-26 13:44:25 +0000 (Sat, 26 Apr 2014)
New Revision: 26715

Modified:
   data/CVE/list
Log:
Add TODO item for CVE-2014-0094

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-04-26 11:15:59 UTC (rev 26714)
+++ data/CVE/list	2014-04-26 13:44:25 UTC (rev 26715)
@@ -7863,6 +7863,7 @@
 	RESERVED
 CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows ...)
 	- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
+	TODO: recheck, as #745897 mentions to affect also 1.x
 CVE-2014-0093 (Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when ...)
 	NOT-FOR-US: JBoss EAP
 CVE-2014-0092 (lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ...)




More information about the Secure-testing-commits mailing list