On Thu, 28 Dec 2017 09:55:12 +0100 Salvatore Bonaccorso
<car...@debian.org> wrote:
> Source: undertow
> Severity: important
> Tags: security
> Hi,
> the following vulnerability was published for undertow.
> There is not much information available if that incomplete fix affects
> us as well. Or which this was fixed upstream. I asked for
> clarification in [1], but might you contact directly as well upstream
> about that?


I requested more information about the fix for CVE-2017-12165 in Red
Hat's bug tracker. I couldn't find a recent fixing commit in the
upstream Git repository.


Attachment: signature.asc
Description: OpenPGP digital signature

This is the maintainer address of Debian's Java team
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to