[Secure-testing-commits] r30509 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 3 16:07:57 UTC 2014
Author: carnil
Date: 2014-12-03 16:07:57 +0000 (Wed, 03 Dec 2014)
New Revision: 30509
Modified:
data/CVE/list
Log:
Add notes for libspring-java upload to experimental
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-03 16:03:41 UTC (rev 30508)
+++ data/CVE/list 2014-12-03 16:07:57 UTC (rev 30509)
@@ -13955,6 +13955,7 @@
- libspring-java <unfixed> (bug #769698)
NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd
NOTE: http://www.pivotal.io/security/cve-2014-3625
+ NOTE: Fixed in experimental with 3.2.12-1
CVE-2014-3624 [Ensure remap requests are properly tunneled using CONNECT requests to avoid an open relay]
RESERVED
- trafficserver 5.1.1-1
@@ -14129,6 +14130,7 @@
RESERVED
- libspring-java <unfixed> (low; bug #760733)
[wheezy] - libspring-java <no-dsa> (minor issue)
+ NOTE: Fixed in experimental with 3.2.12-1
CVE-2014-3577 (org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents ...)
- httpcomponents-client 4.3.5-1
CVE-2014-3576
More information about the Secure-testing-commits
mailing list