[Secure-testing-commits] r52431 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 9 04:15:54 UTC 2017
Author: carnil
Date: 2017-06-09 04:15:53 +0000 (Fri, 09 Jun 2017)
New Revision: 52431
Modified:
data/CVE/list
Log:
Drop now unneeded comments
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-08 21:34:07 UTC (rev 52430)
+++ data/CVE/list 2017-06-09 04:15:53 UTC (rev 52431)
@@ -11191,12 +11191,6 @@
- tomcat6 6.0.41-3
NOTE: Since 6.0.41-3, src:tomcat6 only builds a servlet and docs in Jessie
[wheezy] - tomcat6 <end-of-life> (Not supported in Wheezy)
- NOTE: Even though jessie version of tomcat6 is not vulnerable wheezy is.
- NOTE: A starting point is an extract of the tomcat 8 changes that can be
- NOTE: found here: http://apt.inguza.net/wheezy-security/tomcat/tomcat8-CVE-2017-5664.patch
- NOTE: Something similar to that have to be back-ported to tomcat6.
- NOTE: For tomcat7 the file from latest tomcat7 can probably be used
- NOTE: more or less as is.
NOTE: https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E
NOTE: Fixed by: http://svn.apache.org/r1793469 (8.5.x)
NOTE: Fixed by: http://svn.apache.org/r1793488 (8.5.x)
More information about the Secure-testing-commits
mailing list