Author: carnil Date: 2016-11-12 06:35:12 +0000 (Sat, 12 Nov 2016) New Revision: 46141
Modified: data/CVE/list Log: Update information for CVE-2016-5007 Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-11-12 06:10:28 UTC (rev 46140) +++ data/CVE/list 2016-11-12 06:35:12 UTC (rev 46141) @@ -14078,10 +14078,10 @@ NOTE: http://security.libvirt.org/2016/0001.html CVE-2016-5007 [Spring Security / MVC Path Matching Inconsistency] RESERVED - - libspring-java <unfixed> + - libspring-java 4.3.2-1 [wheezy] - libspring-java <not-affected> (Vulnerable code not present) NOTE: https://pivotal.io/security/cve-2016-5007 - NOTE: https://github.com/spring-projects/spring-framework/commit/a30ab3 + NOTE: https://github.com/spring-projects/spring-framework/commit/a30ab3 (v4.3.1.RELEASE) NOTE: https://github.com/spring-projects/spring-security/commit/e4c13e NOTE: Upstream bug: https://github.com/spring-projects/spring-security/issues/3964 NOTE: Mitigations exists in https://pivotal.io/security/cve-2016-5007 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits