[Secure-testing-commits] r52607 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jun 16 07:07:02 UTC 2017


Author: carnil
Date: 2017-06-16 07:07:01 +0000 (Fri, 16 Jun 2017)
New Revision: 52607

Modified:
   data/CVE/list
Log:
Add CVE-2016-4000/jython

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-16 07:01:21 UTC (rev 52606)
+++ data/CVE/list	2017-06-16 07:07:01 UTC (rev 52607)
@@ -45123,8 +45123,11 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326540
 	NOTE: Upstream commit: https://git.kernel.org/linus/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 (v4.4-rc3)
 	NOTE: Introduced by: https://git.kernel.org/linus/fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1)
-CVE-2016-4000
+CVE-2016-4000 [Unsafe deserialization leads to code execution]
 	RESERVED
+	- jython <unfixed>
+	NOTE: http://bugs.jython.org/issue2454
+	NOTE: https://hg.python.org/jython/rev/d06e29d100c0
 CVE-2016-3999 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
 	NOT-FOR-US: Zimbra
 CVE-2016-3998




More information about the Secure-testing-commits mailing list