Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 

518d9e80 by Moritz Muehlenhoff at 2018-02-14T22:57:49+01:00
remove TOOD for thrift copy in HHVM, not relevant here

- - - - -

1 changed file:

- data/CVE/list


--- a/data/CVE/list
+++ b/data/CVE/list
@@ -82661,12 +82661,10 @@ CVE-2016-5398 (Cross-site scripting (XSS) 
vulnerability in Business Process Edit
        NOT-FOR-US: JBoss BPMS
 CVE-2016-5397 (The Apache Thrift Go client library exposed the potential 
during code ...)
        - thrift-compiler <unfixed>
-       - hhvm <unfixed>
        NOTE: Fixed in 0.10.0 upstream, and in experimental src:thrift/0.10.0-1 
is present
        NOTE: src:thrift only present in experimental
-       TODO: check (hhvm embedds it, used?)
 CVE-2016-5396 (Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK 
Bomb ...)
        - trafficserver 7.0.0-1
        [wheezy] - trafficserver <not-affected> (Vulnerable code not present)

View it on GitLab:

View it on GitLab:
You're receiving this email because of your account on
Secure-testing-commits mailing list

Reply via email to