Author: luk
Date: 2012-01-02 06:47:15 +0000 (Mon, 02 Jan 2012)
New Revision: 17988
Modified:
data/CVE/list
Log:
confirmed libspring-2.5-java not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-01-02 06:39:26 UTC (rev 17987)
+++ data/CVE/list 2012-01-02 06:47:15 UTC (rev 17988)
@@ -22658,8 +22658,7 @@
- jbossas4 <not-affected> (Only builds a few libraries, not the full
application server, #581226)
CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in
Struts ...)
- libstruts1.2-java <not-affected> (issue involves a problem in xwork,
which was introduced in struts2)
- - libspring-2.5-java <undetermined>
- TODO: check
+ - libspring-2.5-java <not-affected> (Vulnerable code not present)
CVE-2010-1869 (Stack-based buffer overflow in the parser function in
GhostScript 8.70 ...)
{DSA-2080-1}
- ghostscript 8.71~dfsg-4
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
