Author: apo-guest
Date: 2016-02-28 13:51:43 +0000 (Sun, 28 Feb 2016)
New Revision: 40004
Modified:
data/CVE/list
Log:
Mark CVE-2015-5351 as fixed since 6.0.45-1~deb6u1
The upstream advisory makes no reference about the 6.x series but looking at
the code reveals that this issue was also fixed in 6.0.45.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-28 13:49:10 UTC (rev 40003)
+++ data/CVE/list 2016-02-28 13:51:43 UTC (rev 40004)
@@ -16604,11 +16604,12 @@
- tomcat9 <itp> (bug #802312)
- tomcat8 8.0.32-1
- tomcat7 7.0.68-1
- - tomcat6 <undetermined>
+ - tomcat6 6.0.45-1~deb6u1
NOTE: Fixed in 7.0.68, 8.0.32, 9.0.0.M3
- NOTE: Unstable upload marks CVe-2015-5351 as fixed in
tomcat6/6.0.45+dfsg-1 but
- NOTE: upstream advisory does not make reference to 6.x
- TODO: check 6.x series
+ NOTE: Upstream advisory does not make reference to 6.x but looking at
the
+ NOTE: upstream patches reveals that this issue is fixed since
6.0.45-1~deb6u1.
+ NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720661
+ NOTE: http://svn.apache.org/viewvc?view=revision&revision=1720663
CVE-2015-5350
RESERVED
CVE-2015-5349
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
