tags 677194 + moreinfo
severity 677194 important

On Tue, Jun 12, 2012 at 10:39:02AM +0200, Moritz Muehlenhoff wrote:
> Package: mojarra
> Severity: grave
> Tags: security
> Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2672
> I'm not sure if Debian is affected, please verify.


I'm unable to reproduce this bug with mojarra under tomcat7. I didn't try
with tomcat6, jetty6 or jetty8.

However, in the bugtracker somebody commented this only affects EAP6/AS7
application servers and those ones are not available in Debian.


Miguel Landaeta, miguel at miguel.cc
secure email with PGP 0x6E608B637D8967E9 available at http://keyserver.pgp.com/
"Faith means not wanting to know what is true." -- Nietzsche

Attachment: signature.asc
Description: Digital signature

This is the maintainer address of Debian's Java team
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to