[Secure-testing-commits] r53517 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 15 19:30:45 UTC 2017
Author: carnil
Date: 2017-07-15 19:30:45 +0000 (Sat, 15 Jul 2017)
New Revision: 53517
Modified:
data/CVE/list
Log:
Add advisory references for apache2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-15 19:30:35 UTC (rev 53516)
+++ data/CVE/list 2017-07-15 19:30:45 UTC (rev 53517)
@@ -2467,9 +2467,11 @@
CVE-2017-9789 (When under stress, closing many connections, the HTTP/2 handling code ...)
- apache2 <unfixed>
[wheezy] - apache2 <not-affected> (Vulnerable code not present, no mod_http2)
+ NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
TODO: check, possibly affects only 2.4.26
CVE-2017-9788 (In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value ...)
- apache2 <unfixed>
+ NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
CVE-2017-9787 (When using a Spring AOP functionality to secure Struts actions it is ...)
TODO: check
CVE-2017-9786
More information about the Secure-testing-commits
mailing list