[Secure-testing-commits] r55583 - in data: . CVE
Ola Lundqvist
opal at moszumanska.debian.org
Fri Sep 8 19:52:10 UTC 2017
Author: opal
Date: 2017-09-08 19:52:10 +0000 (Fri, 08 Sep 2017)
New Revision: 55583
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Triaged struts.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-08 19:47:25 UTC (rev 55582)
+++ data/CVE/list 2017-09-08 19:52:10 UTC (rev 55583)
@@ -4576,6 +4576,8 @@
CVE-2017-12611
RESERVED
- libstruts1.2-java <removed>
+ [wheezy] - libstruts1.2-java <ignored> (Minor issue)
+ NOTE: Only a problem if the application programmer has made a security mistake.
NOTE: https://struts.apache.org/docs/s2-053.html
CVE-2017-12610
RESERVED
@@ -10629,6 +10631,8 @@
CVE-2017-9804
RESERVED
- libstruts1.2-java <removed>
+ [wheezy] - libstruts1.2-java <ignored> (Minor issue)
+ NOTE: DOS class vulnerability and classified as low by upstream.
NOTE: https://struts.apache.org/docs/s2-050.html
CVE-2017-9803
RESERVED
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-09-08 19:47:25 UTC (rev 55582)
+++ data/dla-needed.txt 2017-09-08 19:52:10 UTC (rev 55583)
@@ -99,6 +99,8 @@
NOTE: regression update, see:
NOTE: https://lists.debian.org/debian-lts/2017/05/msg00012.html
--
+libstruts1.2-java
+--
libvorbis
NOTE: 20170829: no fix available yet
--
More information about the Secure-testing-commits
mailing list