[Secure-testing-commits] r24765 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 16 06:59:50 UTC 2013
Author: jmm
Date: 2013-12-16 06:59:50 +0000 (Mon, 16 Dec 2013)
New Revision: 24765
Modified:
data/CVE/list
Log:
opensaml not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-16 06:43:54 UTC (rev 24764)
+++ data/CVE/list 2013-12-16 06:59:50 UTC (rev 24765)
@@ -2298,10 +2298,9 @@
RESERVED
CVE-2013-6440 [XML eXternal Entity (XXE) flaw in ParserPool and Decrypter]
RESERVED
- - opensaml2 <unfixed>
+ - opensaml2 <not-affected> (Debian provides the C-based Shibboleth implementation)
NOTE: http://shibboleth.net/community/advisories/secadv_20131213.txt
NOTE: http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml
- TODO: check
CVE-2013-6439
RESERVED
CVE-2013-6438
More information about the Secure-testing-commits
mailing list