[Secure-testing-commits] r49011 - in data: CVE DLA DSA

Thu, 16 Feb 2017 13:02:56 -0800 

Author: carnil
Date: 2017-02-16 21:01:42 +0000 (Thu, 16 Feb 2017)
New Revision: 49011

Modified:
   data/CVE/list
   data/DLA/list
   data/DSA/list
Log:
Got Use CVE-2017-6056 assignment for tomcat issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-02-16 20:52:18 UTC (rev 49010)
+++ data/CVE/list       2017-02-16 21:01:42 UTC (rev 49011)
@@ -103,14 +103,9 @@
        NOTE: http://trac.kodi.tv/ticket/17314
 CVE-2017-5681
        RESERVED
-CVE-2017-XXXX [tomcat DoS via infinite loop in HTTPS request processing]
+CVE-2017-6056 [tomcat DoS via infinite loop in HTTPS request processing]
        - tomcat8 <unfixed> (bug #851304)
-       [jessie] - tomcat8 8.0.14-1+deb8u7
-       NOTE: Workaround entry for DSA-3788-1 until CVE assigned
        - tomcat7 7.0.72-3
-       [jessie] - tomcat7 7.0.56-3+deb8u8
-       [wheezy] - tomcat7 7.0.28-4+deb7u10
-       NOTE: Workaround entry for DSA-3787-1 until CVE assigned
        NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
        NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57544
 CVE-2017-5981 [assertion failure in seeko.c]

Modified: data/DLA/list
===================================================================
--- data/DLA/list       2017-02-16 20:52:18 UTC (rev 49010)
+++ data/DLA/list       2017-02-16 21:01:42 UTC (rev 49011)
@@ -2,6 +2,7 @@
        {CVE-2016-10195 CVE-2016-10196 CVE-2016-10197}
        [wheezy] - libevent 2.0.19-stable-3+deb7u2
 [14 Feb 2017] DLA-823-1 tomcat7 - security update
+       {CVE-2017-6056}
        [wheezy] - tomcat7 7.0.28-4+deb7u10
 [13 Feb 2017] DLA-822-1 vim - security update
        {CVE-2017-5953}

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2017-02-16 20:52:18 UTC (rev 49010)
+++ data/DSA/list       2017-02-16 21:01:42 UTC (rev 49011)
@@ -5,8 +5,10 @@
        {CVE-2016-10195 CVE-2016-10196 CVE-2016-10197}
        [jessie] - libevent 2.0.21-stable-2+deb8u1
 [13 Feb 2017] DSA-3788-1 tomcat8 - security update
+       {CVE-2017-6056}
        [jessie] - tomcat8 8.0.14-1+deb8u7
 [13 Feb 2017] DSA-3787-1 tomcat7 - security update
+       {CVE-2017-6056}
        [jessie] - tomcat7 7.0.56-3+deb8u8
 [13 Feb 2017] DSA-3786-1 vim - security update
        {CVE-2017-5953}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to