[Secure-testing-commits] r46712 - data/CVE

[Nicholas Luedtke]

Author: nluedtke-guest
Date: 2016-12-02 18:10:50 +0000 (Fri, 02 Dec 2016)
New Revision: 46712

Modified:
   data/CVE/list
Log:
CVE-2016-977{4,5}/tomcat assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-02 18:05:20 UTC (rev 46711)
+++ data/CVE/list	2016-12-02 18:10:50 UTC (rev 46712)
@@ -998,7 +998,7 @@
 	RESERVED
 CVE-2017-0381
 	RESERVED
-CVE-2016-XXXX [tomcat8: privilege escalation during package removal]
+CVE-2016-9775 [tomcat8: privilege escalation during package removal]
         - tomcat8 8.5.8-2 (bug #845385)
 	- tomcat7 7.0.72-3
 	[wheezy] - tomcat7 7.0.28-4+deb7u7
@@ -1009,7 +1009,7 @@
 	NOTE: Workaround entry for DLA-728-1 until CVE is assigned
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
 	NOTE: CVE request: http://www.openwall.com/lists/oss-security/2016/12/02/5
-CVE-2016-XXXX [tomcat8: privilege escalation during package upgrade]
+CVE-2016-9774 [tomcat8: privilege escalation during package upgrade]
         - tomcat8 <unfixed> (bug #845393)
 	- tomcat7 7.0.72-3
 	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API