Author: hertzog
Date: 2014-10-14 14:40:27 +0000 (Tue, 14 Oct 2014)
New Revision: 29400
Modified:
data/CVE/list
Log:
Mark CVE-2012-2672/mojarra as not-affected on squeeze
Same reasoning as for Wheezy.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-14 14:40:19 UTC (rev 29399)
+++ data/CVE/list 2014-10-14 14:40:27 UTC (rev 29400)
@@ -49714,6 +49714,7 @@
CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly "clean up" the
FacesContext ...)
- mojarra 2.2.8-1 (bug #677194)
[wheezy] - mojarra <not-affected> (Only affected in combination with
EAP6/AS7 application servers, not shipped in Debian)
+ [squeeze] - mojarra <not-affected> (Only affected in combination with
EAP6/AS7 application servers, not shipped in Debian)
CVE-2012-2671 (The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and
other ...)
NOTE: https://github.com/rtomayko/rack-cache/blob/master/CHANGES
- ruby-rack-cache 1.2-1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
