[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2017-1000487/plexus-utils in unstable
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 9 21:02:44 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef6629c7 by Salvatore Bonaccorso at 2018-01-09T22:02:05+01:00
Add fixing version for CVE-2017-1000487/plexus-utils in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -970,7 +970,7 @@ CVE-2017-1000489 (Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed cou
CVE-2017-1000488 (Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack ...)
NOT-FOR-US: Mautic
CVE-2017-1000487 (Plexus-utils before 3.0.16 is vulnerable to command injection because ...)
- - plexus-utils <unfixed>
+ - plexus-utils 1:1.5.15-5
- plexus-utils2 3.0.22-1
NOTE: https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522
NOTE: https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef6629c72ef297742afc448b1b24dc570a1f5dad
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef6629c72ef297742afc448b1b24dc570a1f5dad
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180109/0b507967/attachment-0001.html>
More information about the Secure-testing-commits
mailing list