[Secure-testing-commits] r43533 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jul 27 15:09:44 UTC 2016
Author: jmm
Date: 2016-07-27 15:09:43 +0000 (Wed, 27 Jul 2016)
New Revision: 43533
Modified:
data/CVE/list
Log:
new qemu issue
nginx n/a
tomcat unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-27 14:27:51 UTC (rev 43532)
+++ data/CVE/list 2016-07-27 15:09:43 UTC (rev 43533)
@@ -521,7 +521,7 @@
RESERVED
CVE-2016-1000103
RESERVED
- - nginx <unfixed>
+ - nginx <not-affected> (nginx doesn't support CGI)
CVE-2016-1000102
RESERVED
CVE-2016-1000027
@@ -2785,6 +2785,10 @@
RESERVED
CVE-2016-5403
RESERVED
+ - qemu <unfixed>
+ - qemu-kvm <removed>
+ - xen 4.4.0-1
+ NOTE: Xen switched to qemu-system in 4.4.0-1
CVE-2016-5402
RESERVED
CVE-2016-5401
@@ -2832,10 +2836,12 @@
REJECTED
CVE-2016-5388 (Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows ...)
- tomcat9 <itp> (bug #802312)
- - tomcat8 <unfixed>
- - tomcat7 <unfixed>
- - tomcat6 6.0.41-3
+ - tomcat8 <unfixed> (unimportant)
+ - tomcat7 <unfixed> (unimportant)
+ - tomcat6 6.0.41-3 (unimportant)
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
+ NOTE: No part of Tomcat does set HTTP_PROXY based on a Proxy: header, upstream plans
+ NOTE: some hardening to discard HTTP_PROXY in the future
CVE-2016-1000111
RESERVED
- twisted <unfixed>
More information about the Secure-testing-commits
mailing list