[Git][security-tracker-team/security-tracker][master] Triage CVE-2022-25762,CVE-2022-29885,tomcat8 for Stretch

Markus Koschany (@apo) apo at debian.org
Sat May 14 21:04:15 BST 2022 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a1af0a94 by Markus Koschany at 2022-05-14T22:00:34+02:00
Triage CVE-2022-25762,CVE-2022-29885,tomcat8 for Stretch

One minor documentation issue and a possibly backwards incompatible change that
is too intrusive and might do more harm than good.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2279,6 +2279,7 @@ CVE-2022-29885 (The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0
 	[bullseye] - tomcat9 <postponed> (Minor issue)
 	[buster] - tomcat9 <postponed> (Minor issue)
 	- tomcat8 <removed>
+	[stretch] - tomcat8 <postponed> (Minor issue)
 	NOTE: https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48 (9.0.63)
 	NOTE: https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890 (8.5.79)
 CVE-2022-29884
@@ -13912,6 +13913,7 @@ CVE-2022-26874 (lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4
 CVE-2022-25762 (If a web application sends a WebSocket message concurrently with the W ...)
 	- tomcat9 9.0.22-1
 	- tomcat8 <removed>
+	[stretch] - tomcat8 <ignored> (Possibly backwards incompatible changes)
 	NOTE: https://github.com/apache/tomcat/commit/e2d5a040b962a904db5264b3cb3282c6b05f823c (9.0.21)
 	NOTE: https://github.com/apache/tomcat/commit/7046644bf361b89afc246b6643e24ce2ae60cacc (9.0.21)
 	NOTE: https://github.com/apache/tomcat/commit/339b40bc07bdba9ded565929b9a3448c5a78f015 (9.0.21)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1af0a9404d6dddaef0c698d96fe146960197439

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1af0a9404d6dddaef0c698d96fe146960197439
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220514/e319640c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list