[Secure-testing-commits] r52424 - in data: . CVE
Ola Lundqvist
opal at moszumanska.debian.org
Thu Jun 8 19:15:11 UTC 2017
Author: opal
Date: 2017-06-08 19:15:11 +0000 (Thu, 08 Jun 2017)
New Revision: 52424
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Tomcat has reached end-of-life.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-08 18:57:34 UTC (rev 52423)
+++ data/CVE/list 2017-06-08 19:15:11 UTC (rev 52424)
@@ -11184,7 +11184,7 @@
NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
- [wheezy] - tomcat6 <unfixed>
+ [wheezy] - tomcat6 <end-of-life> (Not supported in Wheezy)
NOTE: Even though jessie version of tomcat6 is not vulnerable wheezy is.
NOTE: A starting point is an extract of the tomcat 8 changes that can be
NOTE: found here: http://apt.inguza.net/wheezy-security/tomcat/tomcat8-CVE-2017-5664.patch
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-06-08 18:57:34 UTC (rev 52423)
+++ data/dla-needed.txt 2017-06-08 19:15:11 UTC (rev 52424)
@@ -116,8 +116,6 @@
NOTE: two leaks (CVE-2017-9403, CVE-2017-9404). Might be worth waiting until
NOTE: more issues piled up
--
-tomcat6
---
tomcat7
--
trafficserver
More information about the Secure-testing-commits
mailing list