[Secure-testing-commits] r28625 - data/CVE

Yves-Alexis Perez corsac at moszumanska.debian.org
Sun Sep 7 11:36:50 UTC 2014


Author: corsac
Date: 2014-09-07 11:36:50 +0000 (Sun, 07 Sep 2014)
New Revision: 28625

Modified:
   data/CVE/list
Log:
add CVE for spring directory traversal


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-06 18:29:54 UTC (rev 28624)
+++ data/CVE/list	2014-09-07 11:36:50 UTC (rev 28625)
@@ -6120,8 +6120,9 @@
 	RESERVED
 CVE-2014-3579
 	RESERVED
-CVE-2014-3578
-	RESERVED
+CVE-2014-3578 [Spring framework directory traversal]
+	- libspring-java <unfixed> (low; bug #760733)
+	[wheezy] - libspring-java <no-dsa> (minor issue)
 CVE-2014-3577 (org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents ...)
 	- httpcomponents-client 4.3.5-1
 CVE-2014-3576




More information about the Secure-testing-commits mailing list