[Secure-testing-commits] r37872 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 24 19:33:17 UTC 2015
Author: carnil
Date: 2015-11-24 19:33:17 +0000 (Tue, 24 Nov 2015)
New Revision: 37872
Modified:
data/CVE/list
Log:
Add workaround entry for libcommons-collections3-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-24 19:28:06 UTC (rev 37871)
+++ data/CVE/list 2015-11-24 19:33:17 UTC (rev 37872)
@@ -631,6 +631,10 @@
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-XXXX [java unserialisation issues]
- libcommons-collections3-java 3.2.2-1 (unimportant)
+ [jessie] - libcommons-collections3-java 3.2.1-7+deb8u1
+ [wheezy] - libcommons-collections3-java 3.2.1-5+deb7u1
+ NOTE: workaround entry to associate the wheezy- and jessie-security fixes with the
+ NOTE: corresponding entry with unstable and the hardening change.
- libcommons-collections4-java <unfixed> (unimportant)
NOTE: severity unimportant since this is a hardening change, actual vulnerability relies in specific
NOTE: https://issues.apache.org/jira/browse/COLLECTIONS-580
More information about the Secure-testing-commits
mailing list