Bug#677194: CVE-2012-2672
Miguel Landaeta
miguel at miguel.cc
Sat Jun 16 03:39:10 UTC 2012
tags 677194 + moreinfo
severity 677194 important
thanks
On Tue, Jun 12, 2012 at 10:39:02AM +0200, Moritz Muehlenhoff wrote:
> Package: mojarra
> Severity: grave
> Tags: security
>
> Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2672
>
> I'm not sure if Debian is affected, please verify.
Hi,
I'm unable to reproduce this bug with mojarra under tomcat7. I didn't try
with tomcat6, jetty6 or jetty8.
However, in the bugtracker somebody commented this only affects EAP6/AS7
application servers and those ones are not available in Debian.
Cheers,
--
Miguel Landaeta, miguel at miguel.cc
secure email with PGP 0x6E608B637D8967E9 available at http://keyserver.pgp.com/
"Faith means not wanting to know what is true." -- Nietzsche
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20120615/0ea22c16/attachment-0001.pgp>
More information about the pkg-java-maintainers
mailing list