[Secure-testing-commits] r46045 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Mon Nov 7 13:47:16 UTC 2016
Author: apo
Date: 2016-11-07 13:47:16 +0000 (Mon, 07 Nov 2016)
New Revision: 46045
Modified:
data/CVE/list
Log:
Add more links to patches for Tomcat 6 security vulnerabilities.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-07 13:37:01 UTC (rev 46044)
+++ data/CVE/list 2016-11-07 13:47:16 UTC (rev 46045)
@@ -7109,19 +7109,21 @@
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842666)
- tomcat6 6.0.41-3 (low)
- NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://markmail.org/message/wrku5orwxfpt5mzl?q=list:org.apache.tomcat.announce/
NOTE: Fixed by: http://svn.apache.org/r1757273 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1757275 (7.0.x)
+ NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1757285 (6.0.x)
CVE-2016-6796 [Apache Tomcat Security Manager Bypass]
RESERVED
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842665)
- tomcat6 6.0.41-3 (low)
- NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://markmail.org/message/hynaeawxxhpvvctu?q=list:org.apache.tomcat.announce/
NOTE: Fixed by: http://svn.apache.org/r1758494 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1758495 (7.0.x)
+ NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1758496 (6.0.x)
CVE-2016-6795
RESERVED
CVE-2016-6794 [Apache Tomcat System Property Disclosure]
@@ -7129,10 +7131,11 @@
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842664)
- tomcat6 6.0.41-3 (low)
- NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://markmail.org/message/zk7w6yly5mviocci?q=list:org.apache.tomcat.announce/
NOTE: Fixed by: http://svn.apache.org/r1754727 (8.0.x)
- NOTE: Fixed by: http://svn.apache.org/1754728 (7.0.x)
+ NOTE: Fixed by: http://svn.apache.org/1754728 (7.0.x)
+ NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1754733 (6.0.x)
CVE-2016-6793
RESERVED
CVE-2015-8954 [suricata: evasion issues]
@@ -13758,10 +13761,11 @@
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842663)
- tomcat6 6.0.41-3 (low)
- NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://markmail.org/message/lixw6iyojoxwfizv?q=list:org.apache.tomcat.announce/
NOTE: Fixed by: http://svn.apache.org/r1754901 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1754902 (7.0.x)
+ NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1754904
CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 ...)
{DLA-630-1}
- zookeeper 3.4.9-1
@@ -27744,10 +27748,11 @@
- tomcat8 8.0.37-1 (low)
- tomcat7 7.0.72-1 (low; bug #842662)
- tomcat6 6.0.41-3 (low)
- NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
NOTE: http://markmail.org/message/pzuk6hauzljnm4r7?q=list:org.apache.tomcat.announce/
NOTE: Fixed by: http://svn.apache.org/r1758501 (8.0.x)
NOTE: Fixed by: http://svn.apache.org/r1758502 (7.0.x)
+ NOTE: Fixed by: https://svn.apache.org/viewvc?view=revision&revision=1758506 (6.0.x)
CVE-2016-0761
RESERVED
CVE-2016-0760 (Multiple incomplete blacklist vulnerabilities in Apache Sentry before ...)
More information about the Secure-testing-commits
mailing list