[Secure-testing-commits] r20186 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Sep 18 10:17:47 UTC 2012
Author: jmm
Date: 2012-09-18 10:17:47 +0000 (Tue, 18 Sep 2012)
New Revision: 20186
Modified:
data/CVE/list
Log:
initial entry for CRIME SSL attack
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-18 09:14:20 UTC (rev 20185)
+++ data/CVE/list 2012-09-18 10:17:47 UTC (rev 20186)
@@ -1,7 +1,9 @@
CVE-2012-4930 (The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google ...)
- TODO: check
+ - iceweasel <not-affected> (Firefox ESV not support SDPY)
+ TODO: check chromium
CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google ...)
- TODO: check
+ - iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
+ TODO: check openssl and chromium
CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in ow_updates/index.php in ...)
TODO: check
CVE-2012-4927 (SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before ...)
More information about the Secure-testing-commits
mailing list