Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
89da5f8a by Salvatore Bonaccorso at 2019-08-17T19:02:59Z
Add CVE-2019-10086/commons-beanutils (relates to CVE-2014-0114)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14726,8 +14726,12 @@ CVE-2019-10088 (A carefully crafted or corrupt zip
file can cause an OOM in Apac
NOTE:
https://github.com/apache/tika/commit/426be73b9e7500fa3d441231fa4e473de34743f6
CVE-2019-10087
RESERVED
-CVE-2019-10086
+CVE-2019-10086 [BeanUtils2 mitigate CVE-2014-0114]
RESERVED
+ - commons-beanutils 1.9.4-1
+ NOTE: https://issues.apache.org/jira/browse/BEANUTILS-520
+ NOTE: https://github.com/apache/commons-beanutils/pull/7
+ NOTE:
https://github.com/apache/commons-beanutils/commit/dd48f4e589462a8cdb1f29bbbccb35d6b0291d58
CVE-2019-10085 (In Apache Allura prior to 1.11.0, a vulnerability exists for
stored XS ...)
NOT-FOR-US: Apache Allura
CVE-2019-10084
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/89da5f8a1bfb54c79fb0df1dde69ce1104224ae0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/89da5f8a1bfb54c79fb0df1dde69ce1104224ae0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
