[Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2020-17523/shiro as <not-affected> for stretch
Roberto C. Sánchez (@roberto)
roberto at debian.org
Sun Aug 1 06:44:35 BST 2021
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
51f8fe3e by Roberto C. Sánchez at 2021-08-01T01:43:56-04:00
LTS: mark CVE-2020-17523/shiro as <not-affected> for stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77056,6 +77056,7 @@ CVE-2020-17523 (Apache Shiro before 1.7.1, when using Apache Shiro with Spring,
- shiro <unfixed> (bug #988728)
[bullseye] - shiro <no-dsa> (Minor issue)
[buster] - shiro <no-dsa> (Minor issue)
+ [stretch] - shiro <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2021/02/01/3
NOTE: https://issues.apache.org/jira/browse/SHIRO-797
CVE-2020-17522 (When ORT (now via atstccfg) generates ip_allow.config files in Apache ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51f8fe3ef551cf288ff91a90e9e93295344af746
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51f8fe3ef551cf288ff91a90e9e93295344af746
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210801/0ffce325/attachment.htm>
More information about the debian-security-tracker-commits
mailing list