[Git][security-tracker-team/security-tracker][master] CVE-2009-5047 was found to be a duplicate of CVE-2009-4611
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 21 20:18:23 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
84db0cda by Salvatore Bonaccorso at 2019-11-21T20:16:44Z
CVE-2009-5047 was found to be a duplicate of CVE-2009-4611
Move all information we have to the retained CVE entry and drop notes
from CVE-2009-5047. It was found that CVE-2009-5047 was back then a
resevation duplicate of the CVE-2009-4611 CVE identifier.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -309066,7 +309066,9 @@ CVE-2010-XXXX [ZF2010-07]
CVE-2009-4612 (Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP ...)
- jetty 6.1.22-1 (bug #575789)
CVE-2009-4611 (Mort Bay Jetty 6.x through 6.1.22 and 7.0.0 writes backtrace data with ...)
- - jetty 6.1.22-1
+ - jetty 6.1.22-1 (unimportant; bug #553644)
+ NOTE: http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt
+ NOTE: The affected apps are not shipped in the package, see #553644
CVE-2009-4610 (Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty ...)
- jetty <not-affected> (low; bug #575790)
NOTE: the exploitable servlet is not shipped in Debian packages
@@ -312147,9 +312149,6 @@ CVE-2009-5046 (JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22. ...
NOTE: The affected apps are not shipped in the package, see #553644
CVE-2009-5047
REJECTED
- - jetty 6.1.22-1 (unimportant; bug #553644)
- NOTE: http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt
- NOTE: The affected apps are not shipped in the package, see #553644
CVE-2009-5048 (Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20. ...)
- jetty 6.1.22-1 (unimportant; bug #553644)
NOTE: http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84db0cda3f9415a37e4c61e851a8694b83fac11c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/84db0cda3f9415a37e4c61e851a8694b83fac11c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191121/d2a1598d/attachment.html>
More information about the debian-security-tracker-commits
mailing list