[Secure-testing-commits] r13393 - data
Stefan Fritsch
sf at alioth.debian.org
Fri Nov 27 18:26:46 UTC 2009
Author: sf
Date: 2009-11-27 18:26:46 +0000 (Fri, 27 Nov 2009)
New Revision: 13393
Modified:
data/CVE-2009-3555
Log:
nginx tls reneg disabled in unstable
Modified: data/CVE-2009-3555
===================================================================
--- data/CVE-2009-3555 2009-11-27 12:10:41 UTC (rev 13392)
+++ data/CVE-2009-3555 2009-11-27 18:26:46 UTC (rev 13393)
@@ -25,8 +25,8 @@
- proftpd-dfsg -> Disabled SSL/TLS renegotiations in 1.3.2b-2 in unstable
- apache2 -> Disabled client-initiated SSL/TLS renegs in 2.2.14-2, only partial fix, also issued as DSA 1934 for stable
- tomcat-native -> 1.1.18-1
+- nginx: disabled renegotiation in 0.7.64-1
+ patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt
Candidates for modification:
-- nginx: disables renegotiation in 0.7.64, bug #557873,
- patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt
- libapache-mod-ssl (oldstable only) bug #556942, no patch yet
More information about the Secure-testing-commits
mailing list