Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f8c48563 by Salvatore Bonaccorso at 2019-07-13T21:32:51Z
Remove no-dsa tagged entries which got an update in DLA-1853-1
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133466,7 +133466,6 @@ CVE-2016-9879 (An issue was discovered in Pivotal
Spring Security before 3.2.10,
NOTE: https://pivotal.io/security/cve-2016-9879
CVE-2016-9878 (An issue was discovered in Pivotal Spring Framework before
3.2.18, 4.2 ...)
- libspring-java 4.3.5-1 (bug #849167)
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2016-9878
NOTE: Fixed by:
https://github.com/spring-projects/spring-framework/commit/e2d6e709c3c65a4951eb096843ee75d5200cfcad
(4.3.x branch)
@@ -182180,7 +182179,6 @@ CVE-2015-5212 (Integer underflow in LibreOffice
before 4.4.5 and Apache OpenOffi
NOTE:
https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
CVE-2015-5211 (Under some situations, the Spring Framework 4.2.0 to 4.2.1,
4.0.0 to 4 ...)
- libspring-java 4.1.9-1
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://jira.spring.io/browse/SPR-13548
NOTE: https://github.com/spring-projects/spring-framework/commit/2bd1da
@@ -187965,7 +187963,6 @@ CVE-2015-3193 (The Montgomery squaring implementation
in crypto/bn/asm/x86_64-mo
NOTE: https://www.openssl.org/news/secadv/20151203.txt
CVE-2015-3192 (Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do
not pro ...)
- libspring-java 4.1.9-1 (low; bug #796137)
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE: https://pivotal.io/security/cve-2015-3192
NOTE: https://jira.spring.io/browse/SPR-13136
@@ -213116,7 +213113,6 @@ CVE-2014-3626 (The Grails Resource Plugin often has
to exchange URIs for resourc
NOT-FOR-US: Grails Resource Plugin
CVE-2014-3625 (Directory traversal vulnerability in Pivotal Spring Framework
3.0.4 th ...)
- libspring-java 3.2.13-1 (bug #769698)
- [jessie] - libspring-java <no-dsa> (Minor issue)
[wheezy] - libspring-java <no-dsa> (Minor issue)
NOTE:
https://github.com/spring-projects/spring-framework/commit/3f68cd633f03370d33c2603a6496e81273782601
(3.2.x)
NOTE: https://jira.spring.io/browse/SPR-12354
@@ -213313,7 +213309,6 @@ CVE-2014-3579 (XML external entity (XXE)
vulnerability in Apache ActiveMQ Apollo
NOT-FOR-US: Apache ActiveMQ Apollo
CVE-2014-3578 (Directory traversal vulnerability in Pivotal Spring Framework
3.x befo ...)
- libspring-java 3.2.13-1 (low; bug #760733)
- [jessie] - libspring-java <no-dsa> (minor issue)
[wheezy] - libspring-java <no-dsa> (minor issue)
NOTE: https://github.com/spring-projects/spring-framework/issues/16414
NOTE:
https://github.com/spring-projects/spring-framework/commit/f6fddeb6eb7da625fd711ab371ff16512f431e8d
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8c48563f53de87ebd9ac5d0455883d6840add8a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8c48563f53de87ebd9ac5d0455883d6840add8a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
