[Secure-testing-commits] r52630 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jun 16 21:08:19 UTC 2017


Author: carnil
Date: 2017-06-16 21:08:11 +0000 (Fri, 16 Jun 2017)
New Revision: 52630

Modified:
   data/CVE/list
Log:
Add fixed version for CVE-2016-4000/jython

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-16 21:07:00 UTC (rev 52629)
+++ data/CVE/list	2017-06-16 21:08:11 UTC (rev 52630)
@@ -45154,7 +45154,7 @@
 	NOTE: Introduced by: https://git.kernel.org/linus/fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1)
 CVE-2016-4000 [Unsafe deserialization leads to code execution]
 	RESERVED
-	- jython <unfixed> (bug #864859)
+	- jython 2.5.3-17 (bug #864859)
 	NOTE: http://bugs.jython.org/issue2454
 	NOTE: https://hg.python.org/jython/rev/d06e29d100c0
 CVE-2016-3999 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)




More information about the Secure-testing-commits mailing list