[Git][security-tracker-team/security-tracker][master] Update version information on CVE-2016-0782/activemq

Tue Aug 28 20:43:30 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67121e0f by Salvatore Bonaccorso at 2018-08-28T19:42:18Z
Update version information on CVE-2016-0782/activemq

Upstream versions fixing the issues are 5.11.4, 5.12.3 and 5.13.2. The
admin web console though is not enabled by default in Debian packaging,
thus only source affected and severity is thus unimportant.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -123309,7 +123309,8 @@ CVE-2016-0784 (Directory traversal vulnerability in the Import/Export System Bac
 CVE-2016-0783 (The sendHashByUser function in Apache OpenMeetings before 3.1.1 ...)
 	NOT-FOR-US: Apache OpenMeetings
 CVE-2016-0782 (The administration web console in Apache ActiveMQ 5.x before 5.11.4, ...)
-	- activemq <not-affected> (Admin console not enabled in the Debian package, see #702670)
+	- activemq 5.13.2+dfsg-1 (unimportant)
+	NOTE: Admin console not enabled in the Debian package, see #702670
 	NOTE: https://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
 CVE-2016-0781 (The UAA OAuth approval pages in Cloud Foundry v208 to v231, ...)
 	NOT-FOR-US: Cloud Foundry



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/67121e0ffc6fcc1dfe576b369f158a6c256039b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/67121e0ffc6fcc1dfe576b369f158a6c256039b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180828/3d40f65c/attachment.html>
