[Git][security-tracker-team/security-tracker][master] 2 commits: Follow CVE-2016-4993 as well for src:undertow

Salvatore Bonaccorso carnil at debian.org
Fri May 25 07:49:18 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
599ac41b by Salvatore Bonaccorso at 2018-05-25T08:47:45+02:00
Follow CVE-2016-4993 as well for src:undertow

- - - - -
7be2b0d9 by Salvatore Bonaccorso at 2018-05-25T08:48:54+02:00
Add note for CVE-2018-1067

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -28436,6 +28436,7 @@ CVE-2018-1068 (A flaw was found in the Linux 4.x kernel's implementation of 32-b
 	NOTE: non-standard setups
 CVE-2018-1067 (In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the ...)
 	- undertow <unfixed>
+	NOTE: Issue is incomplete fix for CVE-2016-4993
 CVE-2018-1066 (The Linux kernel before version 4.11 is vulnerable to a NULL pointer ...)
 	{DSA-4188-1 DSA-4187-1}
 	- linux 4.11.6-1
@@ -97579,7 +97580,7 @@ CVE-2016-4994 (Use-after-free vulnerability in the xcf_load_image function in ..
 	- gimp 2.8.16-2.2 (bug #828179)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=767873
 CVE-2016-4993 (CRLF injection vulnerability in the Undertow web server in WildFly ...)
-	NOT-FOR-US: JBoss Enterprise Application Platform
+	- undertow <unfixed>
 CVE-2016-4992 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
 	- 389-ds-base 1.3.5.13-1
 	[jessie] - 389-ds-base <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/be0df6e66c465b92e405b070e7c5a0d78c68107c...7be2b0d9e2e64e7cc525ef6d3045fd1d24bc8789

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/be0df6e66c465b92e405b070e7c5a0d78c68107c...7be2b0d9e2e64e7cc525ef6d3045fd1d24bc8789
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180525/54c7b9b9/attachment.html>

More information about the debian-security-tracker-commits mailing list