[Secure-testing-commits] r47371 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 23 06:08:10 UTC 2016
Author: carnil
Date: 2016-12-23 06:08:10 +0000 (Fri, 23 Dec 2016)
New Revision: 47371
Modified:
data/CVE/list
Log:
Add CVE-2016-9878/libspring-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-23 06:04:31 UTC (rev 47370)
+++ data/CVE/list 2016-12-23 06:08:10 UTC (rev 47371)
@@ -1860,8 +1860,15 @@
RESERVED
CVE-2016-9879
RESERVED
-CVE-2016-9878
+CVE-2016-9878 [Directory Traversal in the Spring Framework ResourceServlet]
RESERVED
+ - libspring-java <unfixed>
+ [jessie] - libspring-java <no-dsa> (Minor issue)
+ NOTE: https://pivotal.io/security/cve-2016-9878
+ NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/e2d6e709c3c65a4951eb096843ee75d5200cfcad (4.3.x branch)
+ NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98 (4.2.x branch)
+ NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/a7dc48534ea501525f11369d369178a60c2f47d0 (3.2.x branch)
+ NOTE: https://jira.spring.io/browse/SPR-14946
CVE-2016-9877
RESERVED
CVE-2016-9876
More information about the Secure-testing-commits
mailing list