[Secure-testing-commits] r26756 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Apr 30 13:36:11 UTC 2014
Author: carnil
Date: 2014-04-30 13:36:10 +0000 (Wed, 30 Apr 2014)
New Revision: 26756
Modified:
data/CVE/list
Log:
Add CVE-2014-0114/libstruts1.2-java, remove comment from CVE-2014-0094
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-30 13:03:06 UTC (rev 26755)
+++ data/CVE/list 2014-04-30 13:36:10 UTC (rev 26756)
@@ -7908,6 +7908,8 @@
RESERVED
CVE-2014-0114
RESERVED
+ - libstruts1.2-java <unfixed> (bug #745897)
+ NOTE: http://mail-archives.apache.org/mod_mbox/struts-announcements/201404.mbox/%3C535F5F52.4040108%40apache.org%3E
CVE-2014-0113
RESERVED
- libstruts1.2-java <unfixed>
@@ -7979,7 +7981,6 @@
RESERVED
CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows ...)
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
- TODO: recheck, as #745897 mentions to affect also 1.x
CVE-2014-0093 (Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when ...)
NOT-FOR-US: JBoss EAP
CVE-2014-0092 (lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ...)
More information about the Secure-testing-commits
mailing list