~ubuntu-security/ubuntu-cve-tracker/master

Viewing changes to ignored/CVE-2016-9571

Committer: Steve Beattie
Date: 2017-03-29 17:05:22 UTC
Revision ID: sbeattie@ubuntu.com-20170329170522-fz9ggqp4ktt2svhj

Process cves run: triaged 4 CVEs, 12 Ignored, 4 Packages

Packages with new cves:
curl(1) linux(1) moodle(1) resteasy(1)

files added:
active/CVE-2016-9606

active/CVE-2017-2628

active/CVE-2017-7294

active/CVE-2017-7298

files renamed:
active/CVE-2016-9571 => ignored/CVE-2016-9571

files modified:
active/CVE-2014-6440

active/CVE-2015-0855

active/CVE-2015-8010

active/CVE-2015-8026

active/CVE-2015-8622

active/CVE-2015-8623

active/CVE-2015-8624

active/CVE-2015-8625

active/CVE-2015-8626

active/CVE-2015-8627

active/CVE-2015-8628

active/CVE-2016-10128

active/CVE-2016-10129

active/CVE-2016-10130

active/CVE-2016-10144

active/CVE-2016-10145

active/CVE-2016-10146

active/CVE-2016-10149

active/CVE-2016-10152

active/CVE-2016-10254

active/CVE-2016-10255

active/CVE-2016-3178

active/CVE-2016-3179

active/CVE-2016-6225

active/CVE-2016-7797

active/CVE-2016-8884

active/CVE-2016-8885

active/CVE-2016-8886

active/CVE-2016-8887

active/CVE-2016-9011

active/CVE-2016-9262

active/CVE-2016-9264

active/CVE-2016-9265

active/CVE-2016-9266

active/CVE-2016-9275

active/CVE-2016-9276

active/CVE-2016-9387

active/CVE-2016-9388

active/CVE-2016-9389

active/CVE-2016-9390

active/CVE-2016-9391

active/CVE-2016-9392

active/CVE-2016-9393

active/CVE-2016-9394

active/CVE-2016-9395

active/CVE-2016-9396

active/CVE-2016-9397

active/CVE-2016-9398

active/CVE-2016-9399

active/CVE-2016-9469

active/CVE-2016-9557

active/CVE-2016-9774

active/CVE-2016-9775

active/CVE-2016-9922

active/CVE-2017-0882

active/CVE-2017-2641

active/CVE-2017-2643

active/CVE-2017-2644

active/CVE-2017-2645

active/CVE-2017-5206

active/CVE-2017-5207

active/CVE-2017-5334

active/CVE-2017-5335

active/CVE-2017-5336

active/CVE-2017-5337

active/CVE-2017-5506

active/CVE-2017-5507

active/CVE-2017-5508

active/CVE-2017-5509

active/CVE-2017-5510

active/CVE-2017-5511

active/CVE-2017-5644

active/CVE-2017-5851

active/CVE-2017-5897

active/CVE-2017-5899

active/CVE-2017-5932

active/CVE-2017-5973

active/CVE-2017-5986

active/CVE-2017-6214

active/CVE-2017-6345

active/CVE-2017-6346

active/CVE-2017-6347

active/CVE-2017-6348

active/CVE-2017-6353

active/CVE-2017-6451

active/CVE-2017-6452

active/CVE-2017-6455

active/CVE-2017-6458

active/CVE-2017-6459

active/CVE-2017-6460

active/CVE-2017-6462

active/CVE-2017-6463

active/CVE-2017-6464

active/CVE-2017-6507

active/CVE-2017-6542

active/CVE-2017-6964

active/CVE-2017-7273

check-cves.log

ignored/not-for-us.txt

retired/CVE-2014-9915

retired/CVE-2015-8556

retired/CVE-2015-8762

retired/CVE-2015-8763

retired/CVE-2015-8764

retired/CVE-2016-10046

retired/CVE-2016-10047

retired/CVE-2016-10048

retired/CVE-2016-10049

retired/CVE-2016-10050

retired/CVE-2016-10051

retired/CVE-2016-10052

retired/CVE-2016-10053

retired/CVE-2016-10054

retired/CVE-2016-10055

retired/CVE-2016-10056

retired/CVE-2016-10057

retired/CVE-2016-10058

retired/CVE-2016-10059

retired/CVE-2016-10065

retired/CVE-2016-4912

retired/CVE-2016-8862

retired/CVE-2016-8866

retired/CVE-2016-9243

retired/CVE-2016-9556

retired/CVE-2017-5330

retired/CVE-2017-5931

retired/CVE-2017-7191

Show diffs side-by-side

added added

removed removed

ignored/CVE-2016-9571

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9571

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9571

Description:

Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable

to Java object de-serialization vulnerability. Camel allows to specify such

a type through the 'CamelJacksonUnmarshalType' property. De-serializing

untrusted data can lead to security flaws as demonstrated in various

similar reports about Java de-serialization issues.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9606.

Reason: This candidate is a duplicate of CVE-2016-9606. Reason: this ID

was intended for one issue, but was associated with two issues. Notes: All

CVE users should reference CVE-2016-9606 instead of this candidate. All

references and descriptions in this candidate have been removed to prevent

accidental usage.

Ubuntu-Description:

Notes:

Bugs:

Older »