[Git][security-tracker-team/security-tracker][master] CVE-2021-30639,tomcat8: Stretch is not affected
Markus Koschany (@apo)
apo at debian.org
Thu Aug 5 19:23:58 BST 2021
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fba14444 by Markus Koschany at 2021-08-05T20:22:42+02:00
CVE-2021-30639,tomcat8: Stretch is not affected
The vulnerable code was introduced in version 8.5.64
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17515,6 +17515,7 @@ CVE-2021-30640 (A vulnerability in the JNDI Realm of Apache Tomcat allows an att
CVE-2021-30639 (A vulnerability in Apache Tomcat allows an attacker to remotely trigge ...)
- tomcat9 <unfixed> (bug #991046)
- tomcat8 <removed>
+ [stretch] - tomcat8 <not-affected> (Vulnerable code was introduced later)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65203
NOTE: https://github.com/apache/tomcat/commit/8ece47c4a9fb9349e8862c84358a4dd23c643a24 (9.0.45)
NOTE: https://github.com/apache/tomcat/commit/411caf29ac1c16e6ac291b6e5543b2371dbd25e2 (8.5.65)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba14444a2592b9c17982ab3c380ed59dbf48094
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba14444a2592b9c17982ab3c380ed59dbf48094
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210805/3790e4a3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list