svn commit: r391901 - head/security/vuxml
Mark Felder
feld at FreeBSD.org
Mon Jul 13 13:25:37 UTC 2015
Author: feld
Date: Mon Jul 13 13:25:36 2015
New Revision: 391901
URL: https://svnweb.freebsd.org/changeset/ports/391901
Log:
hadoop2 and oozie ports fetch a version of tomcat that is vulnerable
Security: 25e0593d-13c0-11e5-9afb-3c970e169bc2
Security: CVE-2014-0230
Security: CVE-2014-7810
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 13 13:19:56 2015 (r391900)
+++ head/security/vuxml/vuln.xml Mon Jul 13 13:25:36 2015 (r391901)
@@ -2756,6 +2756,14 @@ Notes:
<name>tomcat8</name>
<range><lt>8.0.9</lt></range>
</package>
+ <package>
+ <name>hadoop2</name>
+ <range><le>2.6.0</le></range>
+ </package>
+ <package>
+ <name>oozie</name>
+ <range><le>4.1.0</le></range>
+ </package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
@@ -2787,6 +2795,7 @@ Notes:
<dates>
<discovery>2015-05-12</discovery>
<entry>2015-06-16</entry>
+ <modified>2015-07-13</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list