[Secure-testing-commits] r42664 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jun 20 18:42:48 UTC 2016 

Author: carnil
Date: 2016-06-20 18:42:48 +0000 (Mon, 20 Jun 2016)
New Revision: 42664

Modified:
   data/CVE/list
Log:
Fix affected version information

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-20 18:40:32 UTC (rev 42663)
+++ data/CVE/list	2016-06-20 18:42:48 UTC (rev 42664)
@@ -3606,7 +3606,7 @@
 	RESERVED
 CVE-2016-4465
 	RESERVED
-	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.38.1 and 2.5)
+	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1 and 2.5)
 	NOTE: https://struts.apache.org/docs/s2-041.html
 CVE-2016-4464
 	RESERVED
@@ -3706,14 +3706,14 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337502
 CVE-2016-4438
 	RESERVED
-	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.38.1)
+	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
 	NOTE: https://struts.apache.org/docs/s2-037.html
 CVE-2016-4437 (Apache Shiro before 1.2.5, when a cipher key has not been configured ...)
 	- shiro 1.2.5-1 (bug #826653)
 	[jessie] - shiro <no-dsa> (Minor issue)
 CVE-2016-4436
 	RESERVED
-	- libstruts1.2-java <not-affected> (Only affects 2.0.0 to 2.3.38.1)
+	- libstruts1.2-java <not-affected> (Only affects 2.0.0 to 2.3.28.1)
 	NOTE: https://struts.apache.org/docs/s2-035.html
 CVE-2016-4435
 	RESERVED
@@ -3723,17 +3723,17 @@
 	[jessie] - tika <no-dsa> (Minor issue, no standard alone package, just a reverse dependency of jmeter)
 CVE-2016-4433
 	RESERVED
-	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.38.1)
+	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
 	NOTE: https://struts.apache.org/docs/s2-039.html
 CVE-2016-4432 (The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid ...)
 	NOT-FOR-US: Apache Qpid Java Broker
 CVE-2016-4431
 	RESERVED
-	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.38.1)
+	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
 	NOTE: https://struts.apache.org/docs/s2-040.html
 CVE-2016-4430
 	RESERVED
-	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.38.1)
+	- libstruts1.2-java <not-affected> (Only affects 2.3.20 to 2.3.28.1)
 	NOTE: https://struts.apache.org/docs/s2-038.html
 CVE-2016-4429 (Stack-based buffer overflow in the clntudp_call function in ...)
 	- glibc 2.22-10

More information about the Secure-testing-commits mailing list