Author: gilbert-guest
Date: 2010-09-06 23:51:36 +0000 (Mon, 06 Sep 2010)
New Revision: 15278
Modified:
data/CVE/list
Log:
struts issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-09-06 23:51:25 UTC (rev 15277)
+++ data/CVE/list 2010-09-06 23:51:36 UTC (rev 15278)
@@ -3359,7 +3359,9 @@
CVE-2010-1871 (JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise
Application ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full
application server, #581226)
CVE-2010-1870 (The OGNL extensive expression evaluation capability in XWork in
Struts ...)
- TODO: Check, there''s libstruts1.2-java and
libspring-webmvc-struts-2.5-java, which could be affected
+ - libstruts1.2-java <not-affected> (issue involves a problem in xwork,
which was introduced in struts2)
+ - libspring-webmvc-struts-2.5-java <undetermined>
+ TODO: check
CVE-2010-1869 (Stack-based buffer overflow in the parser function in
GhostScript 8.70 ...)
{DSA-2080-1}
- ghostscript 8.71~dfsg-4