[Git][security-tracker-team/security-tracker][master] new spring issues, spring NFUs

Wed, 16 May 2018 03:18:02 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dfdc7c4f by Moritz Muehlenhoff at 2018-05-16T12:16:41+02:00
new spring issues, spring NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26745,17 +26745,19 @@ CVE-2018-1263 (Addresses partial fix in 
CVE-2018-1261. Pivotal ...)
 CVE-2018-1262 (Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, 
introduced a ...)
        TODO: check
 CVE-2018-1261 (Spring-integration-zip versions prior to 1.0.1 exposes an 
arbitrary ...)
-       TODO: check
+       NOT-FOR-US: Spring-integration-zip
 CVE-2018-1260 (Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior 
to ...)
-       TODO: check
+       NOT-FOR-US: Spring Security OAuth
 CVE-2018-1259 (Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Spring Data Commons
 CVE-2018-1258 (Spring Security in combination with Spring Framework versions 
prior to ...)
-       TODO: check
+       - libspring-security-2.0-java <removed>
+       NOTE: https://pivotal.io/security/cve-2018-1258
 CVE-2018-1257 (Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x 
prior ...)
-       TODO: check
+       - libspring-java <unfixed>
+       NOTE: https://pivotal.io/security/cve-2018-1257
 CVE-2018-1256 (Spring Cloud SSO Connector, version 2.1.2, contains a 
regression which ...)
-       TODO: check
+       NOT-FOR-US: Spring Cloud SSO Connector
 CVE-2018-1255
        RESERVED
 CVE-2018-1254



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dfdc7c4fddbd9803f332d7f3cff69e3c7b41b5fd

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dfdc7c4fddbd9803f332d7f3cff69e3c7b41b5fd
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to