From 7bd19edf6fe66e91abad713b3d3a184fde833ac2 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 4 Dec 2021 17:36:30 +0100
Subject: Update status for CVE-2016-6346

---
 data/CVE/list.2016 | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'data/CVE/list.2016')

diff --git a/data/CVE/list.2016 b/data/CVE/list.2016
index 4925188b70..77850d8b85 100644
--- a/data/CVE/list.2016
+++ b/data/CVE/list.2016
@@ -14012,9 +14012,11 @@ CVE-2016-6347 (Cross-site scripting (XSS) vulnerability in the default exception
 	- resteasy3.0 3.0.26-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372124
 CVE-2016-6346 (RESTEasy enables GZIPInterceptor, which allows remote attackers to cau ...)
-	- resteasy <unfixed> (low; bug #837170)
+	- resteasy 3.1.0-1 (low; bug #837170)
 	[jessie] - resteasy <no-dsa> (Minor issue)
-	- resteasy3.0 <undetermined>
+	- resteasy3.0 3.0.26-1
+	NOTE: https://issues.jboss.org/browse/RESTEASY-1484 (not public)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1372120
 CVE-2016-6345 (RESTEasy allows remote authenticated users to obtain sensitive informa ...)
 	- resteasy <unfixed> (low; bug #837170)
 	[jessie] - resteasy <no-dsa> (Minor issue)
-- 
cgit v1.2.3