[Secure-testing-commits] r31235 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 10 05:22:27 UTC 2015
Author: carnil
Date: 2015-01-10 05:22:27 +0000 (Sat, 10 Jan 2015)
New Revision: 31235
Modified:
data/CVE/list
Log:
Update references for CVE-2014-3625/libspring-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-10 05:19:46 UTC (rev 31234)
+++ data/CVE/list 2015-01-10 05:22:27 UTC (rev 31235)
@@ -16540,7 +16540,8 @@
RESERVED
CVE-2014-3625 (Directory traversal vulnerability in Pivitol Spring Framework 3.0.4 ...)
- libspring-java <unfixed> (bug #769698)
- NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd
+ NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
+ NOTE: https://jira.spring.io/browse/SPR-12354
NOTE: http://www.pivotal.io/security/cve-2014-3625
NOTE: Fixed in experimental with 3.2.12-1
CVE-2014-3624 [Ensure remap requests are properly tunneled using CONNECT requests to avoid an open relay]
More information about the Secure-testing-commits
mailing list