[Git][security-tracker-team/security-tracker][master] CVE-2021-30639,tomcat8: Stretch is not affected

Markus Koschany (@apo) apo at debian.org
Thu Aug 5 19:23:58 BST 2021



Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fba14444 by Markus Koschany at 2021-08-05T20:22:42+02:00
CVE-2021-30639,tomcat8: Stretch is not affected

The vulnerable code was introduced in version 8.5.64

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17515,6 +17515,7 @@ CVE-2021-30640 (A vulnerability in the JNDI Realm of Apache Tomcat allows an att
 CVE-2021-30639 (A vulnerability in Apache Tomcat allows an attacker to remotely trigge ...)
 	- tomcat9 <unfixed> (bug #991046)
 	- tomcat8 <removed>
+	[stretch] - tomcat8 <not-affected> (Vulnerable code was introduced later)
 	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65203
 	NOTE: https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24 (9.0.45)
 	NOTE: https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2 (8.5.65)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba14444a2592b9c17982ab3c380ed59dbf48094

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba14444a2592b9c17982ab3c380ed59dbf48094
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210805/3790e4a3/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list