Author: jmm
Date: 2017-08-23 20:40:52 +0000 (Wed, 23 Aug 2017)
New Revision: 55005
Modified:
data/CVE/list
Log:
gradle ignored for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-23 19:13:43 UTC (rev 55004)
+++ data/CVE/list 2017-08-23 20:40:52 UTC (rev 55005)
@@ -48126,9 +48126,11 @@
RESERVED
CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers
to ...)
- gradle 2.13-1
+ [jessie] - gradle <ignored> (Minor issue)
NOTE: Starting from 2.13-1 it uses
commons-collections:commons-collections:3.2.2
NOTE:
https://philwantsfish.github.io/security/java-deserialization-github
NOTE:
https://discuss.gradle.org/t/a-security-issue-about-gradle-rce/17726
+ NOTE: ObjectSocketWrapper only used by Gradle UI, which was removed in
current releases (4.x)
CVE-2016-6196
RESERVED
CVE-2016-6195 (SQL injection vulnerability in
forumrunner/includes/moderation.php in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
