[Git][security-tracker-team/security-tracker][master] Remove no-dsa flag from Tomcat 8 / Jessie in CVE list.

Mon, 11 May 2020 08:16:18 -0700 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cc058251 by Markus Koschany at 2020-05-11T17:15:25+02:00
Remove no-dsa flag from Tomcat 8 / Jessie in CVE list.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28341,7 +28341,6 @@ CVE-2020-1938 (When using the Apache JServ Protocol 
(AJP), care must be taken wh
        {DSA-4680-1 DSA-4673-1 DLA-2133-1}
        - tomcat9 9.0.31-1 (bug #952437)
        - tomcat8 <removed> (bug #952438)
-       [jessie] - tomcat8 <no-dsa> (backport is intrusive because of API 
changes)
        - tomcat7 <removed> (bug #952436)
        NOTE: AJP disabled in Debian in default configuration since 2008
        NOTE: fixed in upstream versions 9.0.31, 8.5.51, 7.0.100
@@ -28368,7 +28367,6 @@ CVE-2020-1935 (In Apache Tomcat 9.0.0.M1 to 9.0.30, 
8.5.0 to 8.5.50 and 7.0.0 to
        {DSA-4680-1 DSA-4673-1 DLA-2133-1}
        - tomcat9 9.0.31-1
        - tomcat8 <removed>
-       [jessie] - tomcat8 <no-dsa> (backport is too intrusive)
        - tomcat7 <removed>
        NOTE: 
https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26
 (9.0.31)
        NOTE: 
https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56
 (8.5.51)
@@ -37325,7 +37323,6 @@ CVE-2019-17563 (When using FORM authentication with 
Apache Tomcat 9.0.0.M1 to 9.
        {DSA-4680-1 DSA-4596-1 DLA-2077-1}
        - tomcat9 9.0.31-1
        - tomcat8 <removed>
-       [jessie] - tomcat8 <no-dsa> (low risk, backport is intrusive)
        - tomcat7 <removed>
        NOTE: 
https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652
 (9.0.30)
        NOTE: 
https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c
 (8.5.50)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc05825194b70c8a7e9a81aec45617813775d81e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc05825194b70c8a7e9a81aec45617813775d81e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to