[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status for CVE-2017-7536/libhibernate-validator-java

Thu, 11 Jan 2018 06:33:09 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8323c862 by Salvatore Bonaccorso at 2018-01-11T15:30:22+01:00
Update status for CVE-2017-7536/libhibernate-validator-java

Mark as no-dsa for stretch. Not affecting jessie and wheezy since issue
introduced post 4.3.

Thanks: Markus Koschany for confirming.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -42407,6 +42407,9 @@ CVE-2017-7537
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817
 CVE-2017-7536 (In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 
5.4.x, it ...)
        - libhibernate-validator-java <unfixed> (bug #885577)
+       [stretch] - libhibernate-validator-java <no-dsa> (Minor issue)
+       [jessie] - libhibernate-validator-java <not-affected> (Vulnerable code 
introduced in 4.3)
+       [wheezy] - libhibernate-validator-java <not-affected> (Vulnerable code 
introduced in 4.3)
        NOTE: 
https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d113
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573
 CVE-2017-7535



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8323c8622cc0d88d4260a11ec10a65c4915576ed

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8323c8622cc0d88d4260a11ec10a65c4915576ed
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to