[Secure-testing-commits] r49540 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 10 03:58:05 UTC 2017
Author: carnil
Date: 2017-03-10 03:58:05 +0000 (Fri, 10 Mar 2017)
New Revision: 49540
Modified:
data/CVE/list
Log:
Mark CVE-2016-6199 as fixed in 2.13-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-10 03:36:42 UTC (rev 49539)
+++ data/CVE/list 2017-03-10 03:58:05 UTC (rev 49540)
@@ -27812,7 +27812,10 @@
CVE-2016-6200
RESERVED
CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to ...)
- - gradle <unfixed>
+ - gradle 2.13-1
+ NOTE: Starting from 2.13-1 it uses commons-collections:commons-collections:3.2.2
+ NOTE: https://philwantsfish.github.io/security/java-deserialization-github
+ NOTE: https://discuss.gradle.org/t/a-security-issue-about-gradle-rce/17726
CVE-2016-6196
RESERVED
CVE-2016-6195 (SQL injection vulnerability in forumrunner/includes/moderation.php in ...)
More information about the Secure-testing-commits
mailing list