[Git][security-tracker-team/security-tracker][master] CVE-2021-30639,tomcat9: Buster and Bullseye are not affected
Markus Koschany (@apo)
apo at debian.org
Thu Aug 5 22:26:00 BST 2021
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8e340e4c by Markus Koschany at 2021-08-05T23:24:55+02:00
CVE-2021-30639,tomcat9: Buster and Bullseye are not affected
The vulnerable code was introduced in version 9.0.44
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17555,6 +17555,8 @@ CVE-2021-30640 (A vulnerability in the JNDI Realm of Apache Tomcat allows an att
NOTE: https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375 (8.5.66)
CVE-2021-30639 (A vulnerability in Apache Tomcat allows an attacker to remotely trigge ...)
- tomcat9 <unfixed> (bug #991046)
+ [bullseye] - tomcat9 <not-affected> (Vulnerable code was introduced later)
+ [buster] - tomcat9 <not-affected> (Vulnerable code was introduced later)
- tomcat8 <removed>
[stretch] - tomcat8 <not-affected> (Vulnerable code was introduced later)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65203
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e340e4c29f40b15eae2ddc21ffa06248e531bb8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e340e4c29f40b15eae2ddc21ffa06248e531bb8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210805/f3ce4d5f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list