[Git][security-tracker-team/security-tracker][master] Add tracking for CVE-2018-1285/log4net
Salvatore Bonaccorso
carnil at debian.org
Mon May 11 18:16:43 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8a9c50c6 by Salvatore Bonaccorso at 2020-05-11T19:15:52+02:00
Add tracking for CVE-2018-1285/log4net
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -139859,6 +139859,9 @@ CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileg
NOT-FOR-US: Apache OpenMeetings
CVE-2018-1285
RESERVED
+ - log4net <unfixed>
+ NOTE: https://issues.apache.org/jira/browse/LOG4NET-575
+ NOTE: https://github.com/apache/logging-log4net/commit/d0b4b0157d4af36b23c24a23739c47925c3bd8d7
CVE-2018-1284 (In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs ...)
NOT-FOR-US: Apache Hive
CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to for ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a9c50c63b16585b0444e4142de8088ad4b5821f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a9c50c63b16585b0444e4142de8088ad4b5821f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200511/3335a55f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list