[Secure-testing-commits] r57090 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Oct 28 20:28:03 UTC 2017


Author: carnil
Date: 2017-10-28 20:28:03 +0000 (Sat, 28 Oct 2017)
New Revision: 57090

Modified:
   data/CVE/list
Log:
Add new source entry for CVE-2017-12617/tomcat8.0

tomcat8.0 got packaged as well (unfortunately?). So we need to start
tracking tomcat8.0 as well. The issue is fixed in 8.0.47 only so add an
unfixed entry.

We might need to re-investigate the older CVEs.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-28 20:27:51 UTC (rev 57089)
+++ data/CVE/list	2017-10-28 20:28:03 UTC (rev 57090)
@@ -9388,6 +9388,7 @@
 CVE-2017-12617 (When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to ...)
 	- tomcat9 <itp> (bug #802312)
 	- tomcat8 8.5.23-1
+	- tomcat8.0 <unfixed>
 	- tomcat7 7.0.72-3
 	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
 	NOTE: https://svn.apache.org/r1809673 (8.5.x)




More information about the Secure-testing-commits mailing list