diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-28 08:05:25 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-28 08:05:25 +0100 |
| commit | 1cbfe748d1acf0e26a0031f3dc250100bf71fa08 (patch) | |
| tree | a5d4d2f72c58d06864bdf5a7bbc406480d72db80 /data/CVE/list | |
| parent | 3ae10cbfd0368e550a0312656a39e9e05bc1e5d1 (diff) | |
libxmlrpc3-java removed from unstable
Diffstat (limited to 'data/CVE/list')
| -rw-r--r-- | data/CVE/list | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index f20af39c62..46955b25ca 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -23503,7 +23503,7 @@ CVE-2019-17571 (Included in Log4j 1.2 is a SocketServer class that is vulnerable NOTE: Fixed by https://src.fedoraproject.org/rpms/log4j12/c/d4c817c458d69dcc629a7271999d178b0dcb7c74?branch=master CVE-2019-17570 (An untrusted deserialization was found in the org.apache.xmlrpc.parser ...) {DLA-2078-1} - - libxmlrpc3-java <unfixed> (bug #949089) + - libxmlrpc3-java <removed> (bug #949089) NOTE: https://www.openwall.com/lists/oss-security/2020/01/16/1 NOTE: Proposed patch: https://bugzilla.redhat.com/show_bug.cgi?id=1775193 NOTE: https://github.com/orangecertcc/xmlrpc-common-deserialization |