Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e514c8d2 by Markus Koschany at 2019-05-05T12:54:33Z
CVE-2019-0187,jakarta-jmeter: Mark as no-dsa for Jessie
The particular vulnerable code is not present in all versions. However those
versions are not able to encrypt traffic between nodes which makes them
vulnerable to similar attacks.
Since jmeter is used for development purposes and not in production,
the severity is rather low.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31455,7 +31455,8 @@ CVE-2019-0189
CVE-2019-0188
RESERVED
CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in
distributed mod ...)
- - jakarta-jmeter <undetermined>
+ - jakarta-jmeter <unfixed>
+ [jessie] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
CVE-2019-0186 (The input fields of the Apache Pluto "Chat Room" demo portlet
3.0.0 an ...)
NOT-FOR-US: Apache Pluto "Chat Room" demo portlet
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e514c8d2ca0d667d1f41c52152942aa713796f8f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e514c8d2ca0d667d1f41c52152942aa713796f8f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
