[Secure-testing-commits] r25891 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-02-26 07:23:51 +0000 (Wed, 26 Feb 2014)
New Revision: 25891

Modified:
   data/CVE/list
Log:
Add upstream versions fixing CVE-2013-4286 (tomcat 6 and 7)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-26 05:45:37 UTC (rev 25890)
+++ data/CVE/list	2014-02-26 07:23:51 UTC (rev 25891)
@@ -12330,8 +12330,10 @@
 	- libgems-ruby <removed> (unimportant; bug #722361)
 	NOTE: Non-issue, you trust the site providing the gem with installing arbitrary code, allowing
 	NOTE: it a potential elevated CPU consumption doesn't add any extra harm
-CVE-2013-4286
+CVE-2013-4286 [incomplete fix for CVE-2005-2090]
 	RESERVED
+	- tomcat6 6.0.39
+	- tomcat7 7.0.47
 CVE-2013-4285
 	RESERVED
 CVE-2013-4284 (Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers ...)