[Git][security-tracker-team/security-tracker][master] new spring issues, spring NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed May 16 11:17:10 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dfdc7c4f by Moritz Muehlenhoff at 2018-05-16T12:16:41+02:00
new spring issues, spring NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26745,17 +26745,19 @@ CVE-2018-1263 (Addresses partial fix in CVE-2018-1261. Pivotal ...)
CVE-2018-1262 (Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a ...)
TODO: check
CVE-2018-1261 (Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary ...)
- TODO: check
+ NOT-FOR-US: Spring-integration-zip
CVE-2018-1260 (Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to ...)
- TODO: check
+ NOT-FOR-US: Spring Security OAuth
CVE-2018-1259 (Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to ...)
- TODO: check
+ NOT-FOR-US: Spring Data Commons
CVE-2018-1258 (Spring Security in combination with Spring Framework versions prior to ...)
- TODO: check
+ - libspring-security-2.0-java <removed>
+ NOTE: https://pivotal.io/security/cve-2018-1258
CVE-2018-1257 (Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior ...)
- TODO: check
+ - libspring-java <unfixed>
+ NOTE: https://pivotal.io/security/cve-2018-1257
CVE-2018-1256 (Spring Cloud SSO Connector, version 2.1.2, contains a regression which ...)
- TODO: check
+ NOT-FOR-US: Spring Cloud SSO Connector
CVE-2018-1255
RESERVED
CVE-2018-1254
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dfdc7c4fddbd9803f332d7f3cff69e3c7b41b5fd
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dfdc7c4fddbd9803f332d7f3cff69e3c7b41b5fd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180516/8901e934/attachment.html>
More information about the debian-security-tracker-commits
mailing list