Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
48d1af2a by Salvatore Bonaccorso at 2019-05-18T19:29:57Z
Add CVE-2019-0221 for tomcat{9,8,7}
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32361,8 +32361,14 @@ CVE-2019-0222 (In Apache ActiveMQ 5.0.0 - 5.15.8,
unmarshalling corrupt MQTT fra
[stretch] - activemq <no-dsa> (Minor issue)
[jessie] - activemq <not-affected> (MQTT support not enabled)
NOTE:
http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
-CVE-2019-0221
- RESERVED
+CVE-2019-0221 [XSS in SSI printenv]
+ RESERVED
+ - tomcat9 <unfixed>
+ - tomcat8 <removed>
+ - tomcat7 <removed>
+ NOTE: https://github.com/apache/tomcat/commit/15fcd16 (9.0.19)
+ NOTE: https://github.com/apache/tomcat/commit/4fcdf70 (8.5.39)
+ NOTE: https://github.com/apache/tomcat/commit/44ec74c (7.0.93)
CVE-2019-0220 [Apache httpd URL normalization inconsistincy]
RESERVED
{DSA-4422-1 DLA-1748-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/48d1af2ab90f847c1df3208e92f3d15530cfc1d9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/48d1af2ab90f847c1df3208e92f3d15530cfc1d9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
