[Secure-testing-commits] r29176 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Oct 1 04:50:07 UTC 2014


Author: carnil
Date: 2014-10-01 04:50:07 +0000 (Wed, 01 Oct 2014)
New Revision: 29176

Modified:
   data/CVE/list
Log:
Add fixed version for CVE-2014-3596

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-01 03:07:01 UTC (rev 29175)
+++ data/CVE/list	2014-10-01 04:50:07 UTC (rev 29176)
@@ -8342,7 +8342,7 @@
 	NOTE: https://bugs.php.net/bug.php?id=67717
 	NOTE: incomplete fix for CVE-2014-4049
 CVE-2014-3596 (The getCN function in Apache Axis 1.4 and earlier does not properly ...)
-	- axis <unfixed> (low; bug #762444)
+	- axis 1.4-21 (low; bug #762444)
 	NOTE: https://issues.apache.org/jira/secure/attachment/12662672/CVE-2014-3596.patch
 CVE-2014-3595 (Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, ...)
 	NOT-FOR-US: Red Hat Satellite




More information about the Secure-testing-commits mailing list