diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-28 08:05:25 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-28 08:05:25 +0100 |
| commit | 3e957e0032aa28fdae2ceed3892028bb11aa2415 (patch) | |
| tree | f2ab7f5487beebc1b49cd307f1dba56c7eeae88b | |
| parent | b38f4d887ce8c467aec5089488a7c7730d4d095f (diff) | |
libxmlrpc3-java removed from unstable
| -rw-r--r-- | data/CVE/list.2019 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 6596560aa8..cc6d1f1553 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -7011,7 +7011,7 @@ CVE-2019-17571 (Included in Log4j 1.2 is a SocketServer class that is vulnerable NOTE: Fixed by https://src.fedoraproject.org/rpms/log4j12/c/d4c817c458d69dcc629a7271999d178b0dcb7c74?branch=master CVE-2019-17570 (An untrusted deserialization was found in the org.apache.xmlrpc.parser ...) {DLA-2078-1} - - libxmlrpc3-java <unfixed> (bug #949089) + - libxmlrpc3-java <removed> (bug #949089) NOTE: https://www.openwall.com/lists/oss-security/2020/01/16/1 NOTE: Proposed patch: https://bugzilla.redhat.com/show_bug.cgi?id=1775193 NOTE: https://github.com/orangecertcc/xmlrpc-common-deserialization |