[Secure-testing-commits] r52765 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jun 21 06:49:06 UTC 2017
Author: carnil
Date: 2017-06-21 06:49:06 +0000 (Wed, 21 Jun 2017)
New Revision: 52765
Modified:
data/CVE/list
Log:
Add note for CVE-2017-3254
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-21 04:35:02 UTC (rev 52764)
+++ data/CVE/list 2017-06-21 06:49:06 UTC (rev 52765)
@@ -73425,7 +73425,9 @@
[squeeze] - policykit-1 <no-dsa> (Minor issue)
NOTE: http://cgit.freedesktop.org/polkit/commit/?id=9f5e0c731784003bd4d6fc75ab739ff8b2ea269f
CVE-2015-3254 (The client libraries in Apache Thrift before 0.9.3 might allow remote ...)
- TODO: check
+ NOTE: Affects src:thrift, which is only in experimental. The issue is fixed upstream in 0.9.3
+ NOTE: so any future upload of thrift to unstable can mark this item as <not-affected> (fixed
+ NOTE: before the initial upload to Debian unstable)
CVE-2015-3253 (The MethodClosure class in runtime/MethodClosure.java in Apache Groovy ...)
{DLA-274-1}
- groovy 2.4.6-1 (bug #793397)
More information about the Secure-testing-commits
mailing list