[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which got an update in DLA-1853-1
Salvatore Bonaccorso
carnil at debian.org
Sat Jul 13 22:40:34 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f8c48563 by Salvatore Bonaccorso at 2019-07-13T21:32:51Z
Remove no-dsa tagged entries which got an update in DLA-1853-1
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133466,7 +133466,6 @@ CVE-2016-9879 (An issue was discovered in Pivotal Spring Security before 3.2.10,
NOTE: https://pivotal.io/security/cve-2016-9879
CVE-2016-9878 (An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2 ...)
- libspring-java 4.3.5-1 (bug #849167)
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2016-9878
NOTE: Fixed by: https://github.com/spring-projects/spring-framework/commit/e2d6e709c3c65a4951eb096843ee75d5200cfcad (4.3.x branch)
@@ -182180,7 +182179,6 @@ CVE-2015-5212 (Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffi
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
CVE-2015-5211 (Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4 ...)
- libspring-java 4.1.9-1
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://jira.spring.io/browse/SPR-13548
NOTE: https://github.com/spring-projects/spring-framework/commit/2bd1da
@@ -187965,7 +187963,6 @@ CVE-2015-3193 (The Montgomery squaring implementation in crypto/bn/asm/x86_64-mo
NOTE: https://www.openssl.org/news/secadv/20151203.txt
CVE-2015-3192 (Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not pro ...)
- libspring-java 4.1.9-1 (low; bug #796137)
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2015-3192
NOTE: https://jira.spring.io/browse/SPR-13136
@@ -213116,7 +213113,6 @@ CVE-2014-3626 (The Grails Resource Plugin often has to exchange URIs for resourc
NOT-FOR-US: Grails Resource Plugin
CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 th ...)
- libspring-java 3.2.13-1 (bug #769698)
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601 (3.2.x)
NOTE: https://jira.spring.io/browse/SPR-12354
@@ -213313,7 +213309,6 @@ CVE-2014-3579 (XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo
NOT-FOR-US: Apache ActiveMQ Apollo
CVE-2014-3578 (Directory traversal vulnerability in Pivotal Spring Framework 3.x befo ...)
- libspring-java 3.2.13-1 (low; bug #760733)
- [jessie] - libspring-java <no-dsa> (minor issue)
[wheezy] - libspring-java <no-dsa> (minor issue)
NOTE: https://github.com/spring-projects/spring-framework/issues/16414
NOTE: https://github.com/spring-projects/spring-framework/commit/f6fddeb6eb7da625fd711ab371ff16512f431e8d
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8c48563f53de87ebd9ac5d0455883d6840add8a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8c48563f53de87ebd9ac5d0455883d6840add8a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190713/e9845b9d/attachment.html>
More information about the debian-security-tracker-commits
mailing list