Update status for CVE-2016-6346

author: Salvatore Bonaccorso <carnil@debian.org> 2021-12-04 17:36:30 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-12-04 17:36:30 +0100
commit: 7bd19edf6fe66e91abad713b3d3a184fde833ac2 (patch)
tree: bcecbef7a74b0503864649a37bb2faf460d2d768 /data/CVE/list.2016
parent: ef86ddd81cf18a667b18fa7536b23bc43375403e (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/data/CVE/list.2016 b/data/CVE/list.2016
index 4925188b70..77850d8b85 100644
--- a/data/CVE/list.2016
+++ b/data/CVE/list.2016
@@ -14012,9 +14012,11 @@ CVE-2016-6347 (Cross-site scripting (XSS) vulnerability in the default exception
 	- resteasy3.0 3.0.26-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372124
 CVE-2016-6346 (RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ...)
-	- resteasy <unfixed> (low; bug #837170)
+	- resteasy 3.1.0-1 (low; bug #837170)
 	[jessie] - resteasy <no-dsa> (Minor issue)
-	- resteasy3.0 <undetermined>
+	- resteasy3.0 3.0.26-1
+	NOTE: https://issues.jboss.org/browse/RESTEASY-1484 (not public)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372120
 CVE-2016-6345 (RESTEasy allows remote authenticated users to obtain sensitive informa ...)
 	- resteasy <unfixed> (low; bug #837170)
 	[jessie] - resteasy <no-dsa> (Minor issue)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-12-04 17:36:30 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-12-04 17:36:30 +0100
commit	7bd19edf6fe66e91abad713b3d3a184fde833ac2 (patch)
tree	bcecbef7a74b0503864649a37bb2faf460d2d768 /data/CVE/list.2016
parent	ef86ddd81cf18a667b18fa7536b23bc43375403e (diff)