Summary: | <www-servers/tomcat-{7.0.93,8.5.39}: XSS in SSI printenv (CVE-2019-0221) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 656044, 662168, 662892 |
Description
GLSAMaker/CVETool Bot
2019-08-17 22:58:29 UTC
slots 7 and 8.5 are clean, slot 9 needs virtual/{jdk,jre} unmasked first to stabilize the newest version of tomcat in that slot. @ maintainer(s): ping, please name exact virtual/{jre,jdk} you are waiting for! (In reply to Thomas Deutschmann from comment #2) > @ maintainer(s): ping, please name exact virtual/{jre,jdk} you are waiting > for! slot 11 i've dropped 9.0.7 so you can proceed now Tree looks clean? Added to an existing GLSA request. This issue was resolved and addressed in GLSA 202003-43 at https://security.gentoo.org/glsa/202003-43 by GLSA coordinator Thomas Deutschmann (whissi). |