[Secure-testing-commits] r37178 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Oct 19 12:58:12 UTC 2015
Author: carnil
Date: 2015-10-19 12:58:12 +0000 (Mon, 19 Oct 2015)
New Revision: 37178
Modified:
data/CVE/list
Log:
CVE-2015-3625/libspring-java fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-19 09:55:30 UTC (rev 37177)
+++ data/CVE/list 2015-10-19 12:58:12 UTC (rev 37178)
@@ -37355,13 +37355,12 @@
CVE-2014-3626
RESERVED
CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 ...)
- - libspring-java <unfixed> (bug #769698)
+ - libspring-java 3.2.13-1 (bug #769698)
[jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
NOTE: https://jira.spring.io/browse/SPR-12354
NOTE: http://www.pivotal.io/security/cve-2014-3625
- NOTE: Fixed in experimental with 3.2.12-1
CVE-2014-3624 [Ensure remap requests are properly tunneled using CONNECT requests to avoid an open relay]
RESERVED
- trafficserver 5.0.0-1
More information about the Secure-testing-commits
mailing list