[Secure-testing-commits] r43307 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jul 20 14:09:58 UTC 2016
Author: carnil
Date: 2016-07-20 14:09:57 +0000 (Wed, 20 Jul 2016)
New Revision: 43307
Modified:
data/CVE/list
Log:
Update entry for tomca6 for CVE-2016-5388 and CVE-2012-5568
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-20 11:13:30 UTC (rev 43306)
+++ data/CVE/list 2016-07-20 14:09:57 UTC (rev 43307)
@@ -2362,7 +2362,8 @@
- tomcat9 <itp> (bug #802312)
- tomcat8 <unfixed>
- tomcat7 <unfixed>
- - tomcat6 <unfixed>
+ - tomcat6 6.0.41-3
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
CVE-2016-1000111
RESERVED
- twisted <unfixed>
@@ -92822,7 +92823,8 @@
CVE-2012-5569 (Multiple cross-site scripting (XSS) vulnerabilities in the Basic ...)
NOT-FOR-US: Drupal Webmail module
CVE-2012-5568 (Apache Tomcat through 7.0.x allows remote attackers to cause a denial ...)
- - tomcat6 <unfixed> (unimportant)
+ - tomcat6 6.0.41-3 (unimportant)
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
- tomcat7 <unfixed> (unimportant)
NOTE: No fix planned, can be mitigated by config changes:
NOTE: http://mail-archives.apache.org/mod_mbox/tomcat-users/200906.mbox/%3C4A3D0884.5080309@apache.org%3E
More information about the Secure-testing-commits
mailing list