[Secure-testing-commits] r13393 - data

Stefan Fritsch sf at alioth.debian.org
Fri Nov 27 18:26:46 UTC 2009


Author: sf
Date: 2009-11-27 18:26:46 +0000 (Fri, 27 Nov 2009)
New Revision: 13393

Modified:
   data/CVE-2009-3555
Log:
nginx tls reneg disabled in unstable

Modified: data/CVE-2009-3555
===================================================================
--- data/CVE-2009-3555	2009-11-27 12:10:41 UTC (rev 13392)
+++ data/CVE-2009-3555	2009-11-27 18:26:46 UTC (rev 13393)
@@ -25,8 +25,8 @@
 - proftpd-dfsg -> Disabled SSL/TLS renegotiations in 1.3.2b-2 in unstable
 - apache2 -> Disabled client-initiated SSL/TLS renegs in 2.2.14-2, only partial fix, also issued as DSA 1934 for stable
 - tomcat-native -> 1.1.18-1
+- nginx: disabled renegotiation in 0.7.64-1
+  patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt
 
 Candidates for modification:
-- nginx: disables renegotiation in 0.7.64, bug #557873,
-  patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt
 - libapache-mod-ssl (oldstable only) bug #556942, no patch yet




More information about the Secure-testing-commits mailing list