Author: carnil Date: 2017-08-11 11:25:05 +0000 (Fri, 11 Aug 2017) New Revision: 54602
Modified: data/CVE/list Log: AddCVE-2017-7675/tomcat Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-11 11:19:15 UTC (rev 54601) +++ data/CVE/list 2017-08-11 11:25:05 UTC (rev 54602) @@ -14114,7 +14114,12 @@ CVE-2017-7676 (Policy resource matcher in Apache Ranger before 0.7.1 ignores ...) NOT-FOR-US: Apache Ranger CVE-2017-7675 (The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and ...) - TODO: check + - tomcat9 <itp> (bug #802312) + - tomcat8 8.5.16-1 + - tomcat7 <not-affected> (Only affects Tomcat 8.5.x and 9.x series; vulnerable code not present) + - tomcat6 <not-affected> (Only affects Tomcat 8.5.x and 9.x series; vulnerable code not present) + NOTE: Fixed by: http://svn.apache.org/r1796091 (8.5.x) + NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61120 CVE-2017-7674 (The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to ...) TODO: check CVE-2017-7673 (Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits