[Secure-testing-commits] r45144 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Oct 8 10:59:29 UTC 2016
Author: carnil
Date: 2016-10-08 10:59:29 +0000 (Sat, 08 Oct 2016)
New Revision: 45144
Modified:
data/CVE/list
Log:
Mark CVE-2016-6808 as not-affected for Debian, since Windows/IIS specific issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-08 07:29:47 UTC (rev 45143)
+++ data/CVE/list 2016-10-08 10:59:29 UTC (rev 45144)
@@ -4738,9 +4738,10 @@
RESERVED
CVE-2016-6808 [buffer overflow]
RESERVED
- - libapache-mod-jk <unfixed> (bug #840000)
+ - libapache-mod-jk <not-affected> (Windows/IIS vhost handling specific issue)
NOTE: Fixed by: http://svn.apache.org/r1762057
NOTE: https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.42
+ NOTE: This is though only Windows/IIS specific, thus marked as not-affected, cf. #840000
CVE-2016-6807
RESERVED
CVE-2016-6806
More information about the Secure-testing-commits
mailing list