Author: carnil
Date: 2017-07-13 19:45:44 +0000 (Thu, 13 Jul 2017)
New Revision: 53454
Modified:
data/CVE/list
Log:
CVE-2017-9791: mark all versions up to the removed version as not-affected
The latest versionin the archive was from the 1.2.x series, not beeing
vulnerable as the issue is 2.x specific.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-13 19:30:13 UTC (rev 53453)
+++ data/CVE/list 2017-07-13 19:45:44 UTC (rev 53454)
@@ -2168,8 +2168,7 @@
CVE-2017-9792
RESERVED
CVE-2017-9791 (The Struts 1 plugin in Apache Struts 2.3.x might allow remote
code ...)
- - libstruts1.2-java <removed>
- [wheezy] - libstruts1.2-java <not-affected> (Vulnerable code not
present)
+ - libstruts1.2-java <not-affected> (Vulnerable code not present)
NOTE: Issue is specific to Struts 2.x.
CVE-2017-9790
RESERVED
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
