[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1305/tomcat*

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4bb2da48 by Salvatore Bonaccorso at 2018-02-23T06:35:43+01:00
Add CVE-2018-1305/tomcat*

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16008,8 +16008,20 @@ CVE-2018-1307 (In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL
 	NOT-FOR-US: Apache juddi-client
 CVE-2018-1306
 	RESERVED
-CVE-2018-1305
+CVE-2018-1305 [Security constraint annotations applied too late]
 	RESERVED
+	- tomcat9 <itp> (bug #802312)
+	- tomcat8 8.5.28-1
+	- tomcat8.0 <unfixed> (unimportant)
+	NOTE: tomcat8.0 builds only tomcat8.0-user and libtomcat8.0-java
+	- tomcat7 7.0.72-3
+	NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
+	NOTE: https://svn.apache.org/r1823314 (8.5.x)
+	NOTE: https://svn.apache.org/r1824358 (8.5.x)
+	NOTE: https://svn.apache.org/r1823319 (8.0.x)
+	NOTE: https://svn.apache.org/r1824359 (8.0.x)
+	NOTE: https://svn.apache.org/r1823322 (7.0.x)
+	NOTE: https://svn.apache.org/r1824360 (7.0.x)
 CVE-2018-1304
 	RESERVED
 CVE-2018-1303



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4bb2da484de086ada60c957f55e38e5e1d48ef69

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4bb2da484de086ada60c957f55e38e5e1d48ef69
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180223/bc7e9c78/attachment.html>