[Secure-testing-commits] r55005 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 23 20:40:52 UTC 2017
Author: jmm
Date: 2017-08-23 20:40:52 +0000 (Wed, 23 Aug 2017)
New Revision: 55005
Modified:
data/CVE/list
Log:
gradle ignored for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-23 19:13:43 UTC (rev 55004)
+++ data/CVE/list 2017-08-23 20:40:52 UTC (rev 55005)
@@ -48126,9 +48126,11 @@
RESERVED
CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to ...)
- gradle 2.13-1
+ [jessie] - gradle <ignored> (Minor issue)
NOTE: Starting from 2.13-1 it uses commons-collections:commons-collections:3.2.2
NOTE: https://philwantsfish.github.io/security/java-deserialization-github
NOTE: https://discuss.gradle.org/t/a-security-issue-about-gradle-rce/17726
+ NOTE: ObjectSocketWrapper only used by Gradle UI, which was removed in current releases (4.x)
CVE-2016-6196
RESERVED
CVE-2016-6195 (SQL injection vulnerability in forumrunner/includes/moderation.php in ...)
More information about the Secure-testing-commits
mailing list