[Secure-testing-commits] r37178 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Oct 19 12:58:12 UTC 2015


Author: carnil
Date: 2015-10-19 12:58:12 +0000 (Mon, 19 Oct 2015)
New Revision: 37178

Modified:
   data/CVE/list
Log:
CVE-2015-3625/libspring-java fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-10-19 09:55:30 UTC (rev 37177)
+++ data/CVE/list	2015-10-19 12:58:12 UTC (rev 37178)
@@ -37355,13 +37355,12 @@
 CVE-2014-3626
 	RESERVED
 CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 ...)
-	- libspring-java <unfixed> (bug #769698)
+	- libspring-java 3.2.13-1 (bug #769698)
 	[jessie] - libspring-java <no-dsa> (Minor issue)
 	[wheezy] - libspring-java <no-dsa> (Minor issue)
 	NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
 	NOTE: https://jira.spring.io/browse/SPR-12354
 	NOTE: http://www.pivotal.io/security/cve-2014-3625
-	NOTE: Fixed in experimental with 3.2.12-1
 CVE-2014-3624 [Ensure remap requests are properly tunneled using CONNECT requests to avoid an open relay]
 	RESERVED
 	- trafficserver 5.0.0-1




More information about the Secure-testing-commits mailing list