On Thu, 28 Dec 2017 09:55:12 +0100 Salvatore Bonaccorso <car...@debian.org> wrote: > Source: undertow > Severity: important > Tags: security > > Hi, > > the following vulnerability was published for undertow. > > There is not much information available if that incomplete fix affects > us as well. Or which this was fixed upstream. I asked for > clarification in [1], but might you contact directly as well upstream > about that?
Hi, I requested more information about the fix for CVE-2017-12165 in Red Hat's bug tracker. I couldn't find a recent fixing commit in the upstream Git repository. Markus
signature.asc
Description: OpenPGP digital signature
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.