[Secure-testing-commits] r17732 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Dec 2 06:54:18 UTC 2011


Author: jmm
Date: 2011-12-02 06:54:18 +0000 (Fri, 02 Dec 2011)
New Revision: 17732

Modified:
   data/CVE/list
Log:
- mojarra fixed
- drop unfixed annotation for lenny, all older suites are implicitly
  unfixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-01 21:14:25 UTC (rev 17731)
+++ data/CVE/list	2011-12-02 06:54:18 UTC (rev 17732)
@@ -689,7 +689,7 @@
 	NOT-FOR-US: Apache MyFaces
 CVE-2011-4358 [Mojarra - includeViewParameters re-evaluates param/model values as EL expressions]
 	RESERVED
-	- mojarra <unfixed> (bug #650430)
+	- mojarra 2.0.3-2 (bug #650430)
 CVE-2011-4357 [clearsilver format string issue]
 	RESERVED
 	{DSA-2355-1}
@@ -703,8 +703,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=703238
 CVE-2011-4354 [OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keys]
 	RESERVED
-	- openssl 0.9.8o-4squeeze3
-	[lenny] - openssl <unfixed> (bug #650621)
+	- openssl 0.9.8o-4squeeze3 (bug #650621)
 CVE-2011-4353 [VP5/VP6 DoS]
 	RESERVED
 	- libav <unfixed>




More information about the Secure-testing-commits mailing list