Author: jmm Date: 2017-08-23 20:40:52 +0000 (Wed, 23 Aug 2017) New Revision: 55005
Modified: data/CVE/list Log: gradle ignored for jessie Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-23 19:13:43 UTC (rev 55004) +++ data/CVE/list 2017-08-23 20:40:52 UTC (rev 55005) @@ -48126,9 +48126,11 @@ RESERVED CVE-2016-6199 (ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to ...) - gradle 2.13-1 + [jessie] - gradle <ignored> (Minor issue) NOTE: Starting from 2.13-1 it uses commons-collections:commons-collections:3.2.2 NOTE: https://philwantsfish.github.io/security/java-deserialization-github NOTE: https://discuss.gradle.org/t/a-security-issue-about-gradle-rce/17726 + NOTE: ObjectSocketWrapper only used by Gradle UI, which was removed in current releases (4.x) CVE-2016-6196 RESERVED CVE-2016-6195 (SQL injection vulnerability in forumrunner/includes/moderation.php in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits