Author: carnil Date: 2016-01-17 15:29:36 +0000 (Sun, 17 Jan 2016) New Revision: 38985
Modified: data/CVE/list data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for tomcat7 Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-01-17 14:54:12 UTC (rev 38984) +++ data/CVE/list 2016-01-17 15:29:36 UTC (rev 38985) @@ -55409,7 +55409,7 @@ {DLA-232-1} - tomcat6 6.0.41-3 (bug #785316) - tomcat7 7.0.55-1 - [jessie] - tomcat7 <no-dsa> (Minor issue) + [wheezy] - tomcat7 7.0.28-4+deb7u3 - tomcat8 8.0.9-1 NOTE: tomcat6 in jessie only builds the servlet API classes NOTE: https://svn.apache.org/viewvc?view=revision&revision=1603781 (7.x) @@ -55424,6 +55424,7 @@ NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1603628 (6.x) NOTE: Marked as fixed in 6.0.41-3 which only builds the libservlet2.5-java and libservlet2.5-java-doc packages - tomcat7 7.0.55-1 + [wheezy] - tomcat7 7.0.28-4+deb7u3 NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1601333 (7.x) - tomcat8 8.0.9-1 NOTE: Fixed in https://svn.apache.org/viewvc?view=revision&revision=1600984 (8.x) @@ -55921,6 +55922,7 @@ CVE-2014-0099 (Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in ...) - tomcat8 8.0.5-1 - tomcat7 7.0.53-1 + [wheezy] - tomcat7 7.0.28-4+deb7u3 - tomcat6 6.0.41-1 NOTE: http://svn.apache.org/r1578814 CVE-2014-0098 (The log_cookie function in mod_log_config.c in the mod_log_config ...) @@ -56016,6 +56018,7 @@ CVE-2014-0075 (Integer overflow in the parseChunkHeader function in ...) - tomcat8 8.0.5-1 - tomcat7 7.0.53-1 + [wheezy] - tomcat7 7.0.28-4+deb7u3 - tomcat6 6.0.41-1 CVE-2014-0074 (Apache Shiro 1.x before 1.2.3, when using an LDAP server with ...) NOT-FOR-US: Apache Shiro @@ -62686,6 +62689,7 @@ NOT-FOR-US: Context Drupal contributed module CVE-2013-4444 (Unrestricted file upload vulnerability in Apache Tomcat 7.x before ...) - tomcat7 7.0.40-1 + [wheezy] - tomcat7 7.0.28-4+deb7u3 NOTE: https://svn.apache.org/viewvc?view=revision&revision=1470435 CVE-2013-4443 REJECTED Modified: data/DSA/list =================================================================== --- data/DSA/list 2016-01-17 14:54:12 UTC (rev 38984) +++ data/DSA/list 2016-01-17 15:29:36 UTC (rev 38985) @@ -1,3 +1,7 @@ +[17 Jan 2016] DSA-3447-1 tomcat7 - security update + {CVE-2014-7810} + [wheezy] - tomcat7 7.0.28-4+deb7u3 + [jessie] - tomcat7 7.0.56-3+deb8u1 [14 Jan 2016] DSA-3431-2 ganeti - regression update [wheezy] - ganeti 2.5.2-1+deb7u2 [jessie] - ganeti 2.12.4-1+deb8u3 Modified: data/dsa-needed.txt =================================================================== --- data/dsa-needed.txt 2016-01-17 14:54:12 UTC (rev 38984) +++ data/dsa-needed.txt 2016-01-17 15:29:36 UTC (rev 38985) @@ -76,8 +76,5 @@ -- tomcat6 -- -tomcat7 - Maintainer prepared update for jessie-security. wheezy-security pending/wip --- wireshark -- _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits