[Secure-testing-commits] r25137 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jan 10 02:56:05 UTC 2014
Author: carnil
Date: 2014-01-10 02:56:05 +0000 (Fri, 10 Jan 2014)
New Revision: 25137
Modified:
data/CVE/list
Log:
Add bugreference for CVE-2013-7285/libxstream-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-10 02:52:58 UTC (rev 25136)
+++ data/CVE/list 2014-01-10 02:56:05 UTC (rev 25137)
@@ -387,7 +387,7 @@
CVE-2014-0790
RESERVED
CVE-2013-7285 [remote code execution via deserialization in XStream]
- - libxstream-java <unfixed>
+ - libxstream-java <unfixed> (bug #734821)
NOTE: http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html
NOTE: http://markmail.org/message/kfqoqdfj5fnup5co?q=list:org.codehaus.xstream.dev&page=3
NOTE: initial patch: https://fisheye.codehaus.org/changelog/xstream?cs=2210
More information about the Secure-testing-commits
mailing list