diff options
author | Sylvain Beucler <beuc@beuc.net> | 2021-04-12 19:41:20 +0200 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2021-04-12 19:41:20 +0200 |
commit | 0714094e4013629cc4e05cd319703d510928807c (patch) | |
tree | d8c845e321eda6c4b8fafeb70d531c94e933bd29 /data/CVE/2016.list | |
parent | 17b6dd5ec039c93ea99a6ab897623f30311e0b1c (diff) |
CVE-2016-5007/libspring-java: precision
Diffstat (limited to 'data/CVE/2016.list')
-rw-r--r-- | data/CVE/2016.list | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index aef3970ba7..aa4cb0f13d 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -18489,7 +18489,7 @@ CVE-2016-5008 (libvirt before 2.0.0 improperly disables password checking when t NOTE: http://security.libvirt.org/2016/0001.html CVE-2016-5007 (Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2. ...) - libspring-java 4.3.2-1 - [jessie] - libspring-java <no-dsa> (Minor issue) + [jessie] - libspring-java <ignored> (Minor issue, no rdeps using both spring-framework and spring-security, trimTokens mitigation not present in 3.0.x) [wheezy] - libspring-java <not-affected> (Vulnerable code not present) NOTE: https://pivotal.io/security/cve-2016-5007 NOTE: https://github.com/spring-projects/spring-framework/commit/a30ab30 (v4.3.1.RELEASE) |