[Secure-testing-commits] r52373 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jun 7 05:37:08 UTC 2017
Author: carnil
Date: 2017-06-07 05:37:07 +0000 (Wed, 07 Jun 2017)
New Revision: 52373
Modified:
data/CVE/list
Log:
Record new tomcat issue, CVE-2017-5664
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-07 05:29:06 UTC (rev 52372)
+++ data/CVE/list 2017-06-07 05:37:07 UTC (rev 52373)
@@ -11048,7 +11048,20 @@
NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
NOTE: No security impact, crash in CLI tool
CVE-2017-5664 (The error page mechanism of the Java Servlet Specification requires ...)
- TODO: check
+ - tomcat9 <itp> (bug #802312)
+ - tomcat8 <unfixed>
+ - tomcat7 7.0.72-3
+ NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
+ - tomcat6 6.0.41-3
+ NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
+ NOTE: https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E
+ NOTE: Fixed by; http://svn.apache.org/r1793469 (8.5.x)
+ NOTE: Fixed by: http://svn.apache.org/r1793488 (8.5.x)
+ NOTE: Fixed by: http://svn.apache.org/r1793489 (8.0.x)
+ NOTE: Fixed by: http://svn.apache.org/r1793470 (8.x.x)
+ NOTE: Fixed by: http://svn.apache.org/r1793471 (7.0.x)
+ NOTE: Fixed by: http://svn.apache.org/r1793491 (7.0.x)
+ TODO: double-check
CVE-2017-5663
RESERVED
CVE-2017-5662 (In Apache Batik before 1.9, files lying on the filesystem of the ...)
More information about the Secure-testing-commits
mailing list