[Secure-testing-commits] r18542 - data/CVE

Stefan Fritsch sf at alioth.debian.org
Sat Feb 25 21:51:04 UTC 2012


Author: sf
Date: 2012-02-25 21:51:04 +0000 (Sat, 25 Feb 2012)
New Revision: 18542

Modified:
   data/CVE/list
Log:
apr no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-02-25 16:10:40 UTC (rev 18541)
+++ data/CVE/list	2012-02-25 21:51:04 UTC (rev 18542)
@@ -1008,6 +1008,7 @@
 	- libxml2 <unfixed> (bug #660846)
 CVE-2012-0840 (tables/apr_hash.c in the Apache Portable Runtime (APR) library through ...)
 	- apr <unfixed> (low; bug #655435)
+	[squeeze] - apr <no-dsa> (exploitability in httpd extremely limited, not known to be exploitable in svn)
 	NOTE: Commit http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD@eris.apache.org%3E seems to cause regressions
 CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...)
 	- ocaml <unfixed> (low; bug #659149)




More information about the Secure-testing-commits mailing list