[Secure-testing-commits] r40004 - data/CVE
Markus Koschany
apo-guest at moszumanska.debian.org
Sun Feb 28 13:51:43 UTC 2016
Author: apo-guest
Date: 2016-02-28 13:51:43 +0000 (Sun, 28 Feb 2016)
New Revision: 40004
Modified:
data/CVE/list
Log:
Mark CVE-2015-5351 as fixed since 6.0.45-1~deb6u1
The upstream advisory makes no reference about the 6.x series but looking at
the code reveals that this issue was also fixed in 6.0.45.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-28 13:49:10 UTC (rev 40003)
+++ data/CVE/list 2016-02-28 13:51:43 UTC (rev 40004)
@@ -16604,11 +16604,12 @@
- tomcat9 <itp> (bug #802312)
- tomcat8 8.0.32-1
- tomcat7 7.0.68-1
- - tomcat6 <undetermined>
+ - tomcat6 6.0.45-1~deb6u1
NOTE: Fixed in 7.0.68, 8.0.32, 9.0.0.M3
- NOTE: Unstable upload marks CVe-2015-5351 as fixed in tomcat6/6.0.45+dfsg-1 but
- NOTE: upstream advisory does not make reference to 6.x
- TODO: check 6.x series
+ NOTE: Upstream advisory does not make reference to 6.x but looking at the
+ NOTE: upstream patches reveals that this issue is fixed since 6.0.45-1~deb6u1.
+ NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720661
+ NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720663
CVE-2015-5350
RESERVED
CVE-2015-5349
More information about the Secure-testing-commits
mailing list