[Secure-testing-commits] r53517 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jul 15 19:30:45 UTC 2017


Author: carnil
Date: 2017-07-15 19:30:45 +0000 (Sat, 15 Jul 2017)
New Revision: 53517

Modified:
   data/CVE/list
Log:
Add advisory references for apache2

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-15 19:30:35 UTC (rev 53516)
+++ data/CVE/list	2017-07-15 19:30:45 UTC (rev 53517)
@@ -2467,9 +2467,11 @@
 CVE-2017-9789 (When under stress, closing many connections, the HTTP/2 handling code ...)
 	- apache2 <unfixed>
 	[wheezy] - apache2 <not-affected> (Vulnerable code not present, no mod_http2)
+	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
 	TODO: check, possibly affects only 2.4.26
 CVE-2017-9788 (In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value ...)
 	- apache2 <unfixed>
+	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27
 CVE-2017-9787 (When using a Spring AOP functionality to secure Struts actions it is ...)
 	TODO: check
 CVE-2017-9786




More information about the Secure-testing-commits mailing list