[Secure-testing-commits] r29177 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 1 05:26:14 UTC 2014
Author: carnil
Date: 2014-10-01 05:26:14 +0000 (Wed, 01 Oct 2014)
New Revision: 29177
Modified:
data/CVE/list
Log:
Add fixed version for two mojarra CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-01 04:50:07 UTC (rev 29176)
+++ data/CVE/list 2014-10-01 05:26:14 UTC (rev 29177)
@@ -21626,7 +21626,7 @@
CVE-2013-5856 (Unspecified vulnerability in the Oracle Health Sciences InForm ...)
NOT-FOR-US: Oracle Industry Applications
CVE-2013-5855 (Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not ...)
- - mojarra <unfixed> (low; bug #740586)
+ - mojarra 2.2.8-1 (low; bug #740586)
[squeeze] - mojarra <no-dsa> (Minor issue)
[wheezy] - mojarra <no-dsa> (Minor issue)
NOTE: https://java.net/jira/browse/JAVASERVERFACES-3150
@@ -47796,7 +47796,8 @@
- libgc 1:7.1-9 (bug #677195)
[squeeze] - libgc 1:6.8-2
CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext ...)
- - mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, bug #677194)
+ - mojarra 2.2.8-1 (bug #677194)
+ NOTE: Only affected in combination with EAP6/AS7 application servers
CVE-2012-2671 (The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other ...)
NOTE: https://github.com/rtomayko/rack-cache/blob/master/CHANGES
- ruby-rack-cache 1.2-1
More information about the Secure-testing-commits
mailing list