[Secure-testing-commits] r45663 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-10-27 14:39:04 +0000 (Thu, 27 Oct 2016)
New Revision: 45663

Modified:
   data/CVE/list
Log:
Add references for fixing commits for tomcat8/7 issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-27 13:24:02 UTC (rev 45662)
+++ data/CVE/list	2016-10-27 14:39:04 UTC (rev 45663)
@@ -6378,6 +6378,8 @@
 	- tomcat6 6.0.41-3 (low)
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
 	NOTE: http://markmail.org/message/wrku5orwxfpt5mzl?q=list:org.apache.tomcat.announce/
+	NOTE: Fixed by: http://svn.apache.org/r1757273 (8.0.x)
+	NOTE: Fixed by: http://svn.apache.org/r1757275 (7.0.x)
 CVE-2016-6796 [Apache Tomcat Security Manager Bypass]
 	RESERVED
 	- tomcat8 <unfixed> (low)
@@ -6385,6 +6387,8 @@
 	- tomcat6 6.0.41-3 (low)
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
 	NOTE: http://markmail.org/message/hynaeawxxhpvvctu?q=list:org.apache.tomcat.announce/
+	NOTE: Fixed by: http://svn.apache.org/r1758494 (8.0.x)
+	NOTE: Fixed by: http://svn.apache.org/r1758495 (7.0.x)
 CVE-2016-6795
 	RESERVED
 CVE-2016-6794 [Apache Tomcat System Property Disclosure]
@@ -6394,6 +6398,8 @@
 	- tomcat6 6.0.41-3 (low)
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
 	NOTE: http://markmail.org/message/zk7w6yly5mviocci?q=list:org.apache.tomcat.announce/
+	NOTE: Fixed by: http://svn.apache.org/r1754727 (8.0.x)
+	NOTE: Fixed by:  http://svn.apache.org/1754728 (7.0.x)
 CVE-2016-6793
 	RESERVED
 CVE-2015-8954 [suricata: evasion issues]
@@ -12930,6 +12936,8 @@
 	- tomcat6 6.0.41-3 (low)
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
 	NOTE: http://markmail.org/message/lixw6iyojoxwfizv?q=list:org.apache.tomcat.announce/
+	NOTE: Fixed by: http://svn.apache.org/r1754901 (8.0.x)
+	NOTE: Fixed by: http://svn.apache.org/r1754902 (7.0.x)
 CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 ...)
 	{DLA-630-1}
 	- zookeeper 3.4.9-1
@@ -26840,6 +26848,8 @@
 	- tomcat6 6.0.41-3 (low)
 	NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs
 	NOTE: http://markmail.org/message/pzuk6hauzljnm4r7?q=list:org.apache.tomcat.announce/
+	NOTE: Fixed by: http://svn.apache.org/r1758501 (8.0.x)
+	NOTE: Fixed by: http://svn.apache.org/r1758502 (7.0.x)
 CVE-2016-0761
 	RESERVED
 CVE-2016-0760 (Multiple incomplete blacklist vulnerabilities in Apache Sentry before ...)