[Secure-testing-commits] r38668 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 3 14:37:31 UTC 2016
Author: carnil
Date: 2016-01-03 14:37:31 +0000 (Sun, 03 Jan 2016)
New Revision: 38668
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2015-5254, #809733
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-03 14:25:17 UTC (rev 38667)
+++ data/CVE/list 2016-01-03 14:37:31 UTC (rev 38668)
@@ -12276,13 +12276,12 @@
TODO: check
CVE-2015-5254 [Unsafe deserialization]
RESERVED
- - activemq <unfixed>
+ - activemq <unfixed> (bug #809733)
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=6f03921b31d9fefeddb0f4fa63150ed1f94a14b1 (5.11.x)
NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=73a0caf758f9e4916783a205c7e422b4db27905c (5.11.x)
NOTE: Patch applied to Fedora (5.6.0 based version): http://pkgs.fedoraproject.org/cgit/activemq.git/diff/activemq-5.6.0-CVE-2015-5254.patch?id=e3ef8a1b62d10273a814090be9168aa3019ace72
NOTE: https://issues.apache.org/jira/browse/AMQ-6013
- TODO: check
CVE-2015-5253 (The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before ...)
NOT-FOR-US: Apache CXF
CVE-2015-5252 (vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, ...)
More information about the Secure-testing-commits
mailing list