[Secure-testing-commits] r34315 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun May 17 20:13:09 UTC 2015
Author: carnil
Date: 2015-05-17 20:13:09 +0000 (Sun, 17 May 2015)
New Revision: 34315
Modified:
data/CVE/list
Log:
Add CVE-2015-2156/netty, playframework is itp'ed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-17 17:05:25 UTC (rev 34314)
+++ data/CVE/list 2015-05-17 20:13:09 UTC (rev 34315)
@@ -4826,6 +4826,12 @@
RESERVED
CVE-2015-2156
RESERVED
+ - netty <unfixed>
+ - playframework <itp> (bug #646523)
+ NOTE: http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
+ NOTE: https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass
+ NOTE: http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156
+ TODO: check
CVE-2015-2155 (The force printer in tcpdump before 4.7.2 allows remote attackers to ...)
{DSA-3193-1 DLA-174-1}
- tcpdump 4.6.2-4
More information about the Secure-testing-commits
mailing list