[Secure-testing-commits] r42296 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 3 19:44:09 UTC 2016
Author: carnil
Date: 2016-06-03 19:44:08 +0000 (Fri, 03 Jun 2016)
New Revision: 42296
Modified:
data/CVE/list
Log:
Update information for two shiro issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-03 19:40:18 UTC (rev 42295)
+++ data/CVE/list 2016-06-03 19:44:08 UTC (rev 42296)
@@ -67598,7 +67598,7 @@
[wheezy] - tomcat7 7.0.28-4+deb7u3
- tomcat6 6.0.41-1
CVE-2014-0074 (Apache Shiro 1.x before 1.2.3, when using an LDAP server with ...)
- NOT-FOR-US: Apache Shiro
+ - shiro 1.2.3-1
CVE-2014-0073
RESERVED
NOT-FOR-US: Apache Cordova
@@ -120946,7 +120946,7 @@
{DSA-2125-1}
- openssl 0.9.8o-3
CVE-2010-3863 (Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize ...)
- NOT-FOR-US: Apache Shiro / JSecurity
+ - shiro <not-affected> (Fixed before the initial release in Debian)
CVE-2010-3862 (The ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-3861 (The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux ...)
More information about the Secure-testing-commits
mailing list