tags 677194 + moreinfo severity 677194 important thanks On Tue, Jun 12, 2012 at 10:39:02AM +0200, Moritz Muehlenhoff wrote: > Package: mojarra > Severity: grave > Tags: security > > Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2672 > > I'm not sure if Debian is affected, please verify.
Hi, I'm unable to reproduce this bug with mojarra under tomcat7. I didn't try with tomcat6, jetty6 or jetty8. However, in the bugtracker somebody commented this only affects EAP6/AS7 application servers and those ones are not available in Debian. Cheers, -- Miguel Landaeta, miguel at miguel.cc secure email with PGP 0x6E608B637D8967E9 available at http://keyserver.pgp.com/ "Faith means not wanting to know what is true." -- Nietzsche
signature.asc
Description: Digital signature
