[Secure-testing-commits] r46709 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-12-02 16:16:51 +0000 (Fri, 02 Dec 2016)
New Revision: 46709

Modified:
   data/CVE/list
Log:
Update status for tomcat issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-02 15:00:33 UTC (rev 46708)
+++ data/CVE/list	2016-12-02 16:16:51 UTC (rev 46709)
@@ -999,7 +999,15 @@
 CVE-2017-0381
 	RESERVED
 CVE-2016-XXXX [tomcat8: privilege escalation during package removal]
-        - tomcat8 <unfixed> (bug #845385)
+        - tomcat8 8.5.8-2 (bug #845385)
+	- tomcat7 7.0.72-3
+	[wheezy] - tomcat7 7.0.28-4+deb7u7
+	NOTE: Workaround entry for DLA-729-1 until CVE is assigned
+	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
+	- tomcat6 6.0.41-3
+	[wheezy] - tomcat6 6.0.45+dfsg-1~deb7u3
+	NOTE: Workaround entry for DLA-728-1 until CVE is assigned
+	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
 	NOTE: CVE request: http://www.openwall.com/lists/oss-security/2016/12/02/5
 CVE-2016-XXXX [tomcat8: privilege escalation during package upgrade]
         - tomcat8 <unfixed> (bug #845393)