CVE-2011-2260 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2260): Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration. CVE-2011-1511 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1511): Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.
commit 48fe490 (HEAD, master) Author: Patrice Clement <monsieurp@gentoo.org> Date: Sat Sep 5 15:19:08 2015 +0000 dev-java/glassflish-servlet-api: Version bump. Fixes security bug 386353. Package-Manager: portage-2.2.18 Signed-off-by: Patrice Clement <monsieurp@gentoo.org> create mode 100644 dev-java/glassfish-servlet-api/glassfish-servlet-api-3.1.1.ebuild Arch teams, Please stabilise: dev-java/glassflish-servlet-api-3.1.1 Target arches: amd64 x86 Security, Please vote.
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please vote.
commit 20d8bc1 (HEAD, master) Author: Patrice Clement <monsieurp@gentoo.org> Date: Sun Sep 6 09:09:53 2015 +0000 dev-java/glassfish-servlet-api: Remove vulnerable version. Fixes security bug 386353. Package-Manager: portage-2.2.18 Signed-off-by: Patrice Clement <monsieurp@gentoo.org> delete mode 100644 dev-java/glassfish-servlet-api/files/build_xml.patch delete mode 100644 dev-java/glassfish-servlet-api/glassfish-servlet-api-2_beta44.ebuild Security, Please vote.
ping @security
GLSA Vote: No
GLSA vote: no.