Add CVE-2016-4000/jython

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@52607 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2017-06-16 07:07:01 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-06-16 07:07:01 +0000
commit: 17dea513dc9618de70b2e944d7c612132ab22c30 (patch)
tree: cf4df239584e5fa37056ef91d8d932c2776985ae /data
parent: 7076037de7aeb294bf3062d93c47e9a7dbd66d34 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index e18e3f8a5b..08468c7aed 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -45123,8 +45123,11 @@ CVE-2015-8845 (The tm_reclaim_thread function in arch/powerpc/kernel/process.c i
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1326540
 	NOTE: Upstream commit: https://git.kernel.org/linus/7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 (v4.4-rc3)
 	NOTE: Introduced by: https://git.kernel.org/linus/fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1)
-CVE-2016-4000
+CVE-2016-4000 [Unsafe deserialization leads to code execution]
 	RESERVED
+	- jython <unfixed>
+	NOTE: http://bugs.jython.org/issue2454
+	NOTE: https://hg.python.org/jython/rev/d06e29d100c0
 CVE-2016-3999 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra ...)
 	NOT-FOR-US: Zimbra
 CVE-2016-3998
author	Salvatore Bonaccorso <carnil@debian.org>	2017-06-16 07:07:01 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-06-16 07:07:01 +0000
commit	17dea513dc9618de70b2e944d7c612132ab22c30 (patch)
tree	cf4df239584e5fa37056ef91d8d932c2776985ae /data
parent	7076037de7aeb294bf3062d93c47e9a7dbd66d34 (diff)