[Secure-testing-commits] r31235 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jan 10 05:22:27 UTC 2015


Author: carnil
Date: 2015-01-10 05:22:27 +0000 (Sat, 10 Jan 2015)
New Revision: 31235

Modified:
   data/CVE/list
Log:
Update references for CVE-2014-3625/libspring-java

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-10 05:19:46 UTC (rev 31234)
+++ data/CVE/list	2015-01-10 05:22:27 UTC (rev 31235)
@@ -16540,7 +16540,8 @@
 	RESERVED
 CVE-2014-3625 (Directory traversal vulnerability in Pivitol Spring Framework 3.0.4 ...)
 	- libspring-java <unfixed> (bug #769698)
-	NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd
+	NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
+	NOTE: https://jira.spring.io/browse/SPR-12354
 	NOTE: http://www.pivotal.io/security/cve-2014-3625
 	NOTE: Fixed in experimental with 3.2.12-1
 CVE-2014-3624 [Ensure remap requests are properly tunneled using CONNECT requests to avoid an open relay]




More information about the Secure-testing-commits mailing list