[Secure-testing-commits] r17831 - data/CVE
Nico Golde
nion at alioth.debian.org
Tue Dec 20 13:41:49 UTC 2011
Author: nion
Date: 2011-12-20 13:41:48 +0000 (Tue, 20 Dec 2011)
New Revision: 17831
Modified:
data/CVE/list
Log:
debian bug for CVE-2011-4362
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-20 08:08:54 UTC (rev 17830)
+++ data/CVE/list 2011-12-20 13:41:48 UTC (rev 17831)
@@ -1576,7 +1576,7 @@
[lenny] - libproc-processtable-perl <no-dsa> (Minor issue)
CVE-2011-4362 [lighttpd signedness issue dos]
RESERVED
- - lighttpd <unfixed> (low)
+ - lighttpd <unfixed> (low; bug #652726)
NOTE: http://openwall.com/lists/oss-security/2011/11/29/8
NOTE: http://redmine.lighttpd.net/issues/2370
NOTE: the announcement says that the debian package is not affected, but there are no additional patches that would cause different behavior (i.e. the base64_reverse_table is the same in debian and upstream), so if upstream is affected, so too is the debian package
More information about the Secure-testing-commits
mailing list