Am 08.01.2018 um 20:31 schrieb Salvatore Bonaccorso:
[...]
> Ok, thanks a lot for double checking. Again, I'm not sure how pressing
> the issue is, I'm defering a DSA/no-DSA decision to one of my
> teammates. Privilege escalation rings some bells obviously.
>
> For older versions than 4.3.3, am I
Hey!
On Mon, Jan 08, 2018 at 06:03:48PM +0100, Markus Koschany wrote:
> Hi,
>
> Am 08.01.2018 um 17:44 schrieb Salvatore Bonaccorso:
> [...]
> > So the patched files exits, and similar code flow is present.
> >
> > I explicitly have not looked (yet) at 4.0.2.GA which is in jessie (and
> > wheezy
Hi,
Am 08.01.2018 um 17:44 schrieb Salvatore Bonaccorso:
[...]
> So the patched files exits, and similar code flow is present.
>
> I explicitly have not looked (yet) at 4.0.2.GA which is in jessie (and
> wheezy), just the 4.3.3 based versions in stable and unstable yet.
>
> What do you miss?
Oh
Hi Abhijith, hi Markus
On Mon, Jan 08, 2018 at 04:01:17PM +0100, Markus Koschany wrote:
> Am 08.01.2018 um 13:32 schrieb Abhijith PA:
> > Hello. :)
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1465573#c24 says it affects
> > all 5.x version. But Debian haven't shipped this version yet. And
Am 08.01.2018 um 13:32 schrieb Abhijith PA:
> Hello. :)
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1465573#c24 says it affects
> all 5.x version. But Debian haven't shipped this version yet. And
> upstream patched files doesn't exist in 4.3.3 (version in Debian sid).
> So could you please ela
Hello. :)
https://bugzilla.redhat.com/show_bug.cgi?id=1465573#c24 says it affects
all 5.x version. But Debian haven't shipped this version yet. And
upstream patched files doesn't exist in 4.3.3 (version in Debian sid).
So could you please elaborate on how your research find 4.3.3 affected ?
--
A
Control: found -1 4.3.3-1
Control: tags -1 + upstream fixed-upstream
On Thu, Dec 28, 2017 at 10:30:55AM +0100, Salvatore Bonaccorso wrote:
> Source: libhibernate-validator-java
> Severity: important
> Tags: security
>
> Hi,
>
> the following vulnerability was published for
> libhibernate-validat
Source: libhibernate-validator-java
Severity: important
Tags: security
Hi,
the following vulnerability was published for
libhibernate-validator-java. There is unfortunately not much
information available, cf. [1].
CVE-2017-7536[0]:
Privilege escalation when running under the security manager
If
8 matches
Mail list logo