[Secure-testing-commits] r26826 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon May 5 06:31:44 UTC 2014
Author: jmm
Date: 2014-05-05 06:31:44 +0000 (Mon, 05 May 2014)
New Revision: 26826
Modified:
data/CVE/list
Log:
two struts issues N/A
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-05 05:50:34 UTC (rev 26825)
+++ data/CVE/list 2014-05-05 06:31:44 UTC (rev 26826)
@@ -8201,12 +8201,10 @@
- libstruts1.2-java <unfixed> (bug #745897)
NOTE: http://mail-archives.apache.org/mod_mbox/struts-announcements/201404.mbox/%3C535F5F52.4040108%40apache.org%3E
CVE-2014-0113 (CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard ...)
- - libstruts1.2-java <unfixed>
- TODO: check
+ - libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
NOTE: https://struts.apache.org/release/2.3.x/docs/s2-021.html
CVE-2014-0112 (ParametersInterceptor in Apache Struts before 2.3.16.2 does not ...)
- - libstruts1.2-java <unfixed>
- TODO: check
+ - libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.16)
NOTE: https://struts.apache.org/release/2.3.x/docs/s2-021.html
CVE-2014-0111 (Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote ...)
NOT-FOR-US: Apache Syncope
More information about the Secure-testing-commits
mailing list