CVE-2013-4152) in the Spring Framework was incomplete.">

Oval Definition:	oval:org.mitre.oval:def:22246
Revision Date: 2014-06-23 Version: 6 Title: DSA-2857-1 libspring-java - several Description: It was discovered by the Spring development team that the fix for the XML External Entity (XXE) Injection(CVE-2013-4152) in the Spring Framework was incomplete. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2013-4152 CVE-2013-6429 CVE-2013-6430 DSA-2857-1 Platform(s): Debian GNU/kFreeBSD 7 Debian GNU/Linux 7 Product(s): libspring-java Definition Synopsis Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND libspring-java DPKG is earlier than 0:3.0.6.RELEASE-6+deb7u2
BACK