Author: carnil Date: 2017-08-11 11:31:50 +0000 (Fri, 11 Aug 2017) New Revision: 54604
Modified: data/CVE/list Log: Add CVE-2017-7674, tomcat issue Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-11 11:31:38 UTC (rev 54603) +++ data/CVE/list 2017-08-11 11:31:50 UTC (rev 54604) @@ -14122,7 +14122,14 @@ NOTE: Fixed by: http://svn.apache.org/r1796091 (8.5.x) NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61120 CVE-2017-7674 (The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to ...) - TODO: check + - tomcat9 <itp> (bug #802312) + - tomcat8 8.5.16-1 + - tomcat7 7.0.72-3 + NOTE: NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API + NOTE: Fixed by: http://svn.apache.org/r1795814 (8.5.x) + NOTE: Fixed by: http://svn.apache.org/r1795815 (8.0.x) + NOTE: Fixed by: http://svn.apache.org/r1795816 (7.0.x) + NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=61101 CVE-2017-7673 (Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, ...) NOT-FOR-US: Apache OpenMeetings CVE-2017-7672 (If an application allows enter an URL in a form field and built-in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits