[Secure-testing-commits] r43253 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 18 09:14:03 UTC 2016
Author: carnil
Date: 2016-07-18 09:14:03 +0000 (Mon, 18 Jul 2016)
New Revision: 43253
Modified:
data/CVE/list
Log:
Sort some entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-18 09:10:11 UTC (rev 43252)
+++ data/CVE/list 2016-07-18 09:14:03 UTC (rev 43253)
@@ -1,7 +1,7 @@
CVE-2016-6233 [ZF2016-02: Potential SQL injection in ORDER and GROUP statements of Zend_Db_Select]
- zendframework 1.12.19+dfsg-1
+ [jessie] - zendframework <not-affected> (introduced after 1.12.9)
[wheezy] - zendframework <not-affected> (introduced after 1.12.9)
- [jessie] - zendframework <not-affected> (introduced after 1.12.9)
NOTE: http://framework.zend.com/security/advisory/ZF2016-02
NOTE: https://github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967
CVE-2016-6232
@@ -3632,8 +3632,8 @@
NOTE: http://security.libvirt.org/2016/0001.html
CVE-2016-5007 [Spring Security / MVC Path Matching Inconsistency]
RESERVED
+ - libspring-java <unfixed>
[wheezy] - libspring-java <not-affected> (Vulnerable code not present)
- - libspring-java <unfixed>
NOTE: https://pivotal.io/security/cve-2016-5007
NOTE: https://github.com/spring-projects/spring-framework/commit/a30ab3
NOTE: https://github.com/spring-projects/spring-security/commit/e4c13e
More information about the Secure-testing-commits
mailing list