Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 635716

Summary: dev-java/logback: Serialization vulnerability
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal CC: java
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [ebuild]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2017-10-28 18:18:55 UTC 
CVE-2017-5929 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5929):
  QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the
  SocketServer and ServerSocketReceiver components.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-28 18:19:52 UTC 

*** This bug has been marked as a duplicate of bug 612914 ***