[Secure-testing-commits] r24367 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Nov 21 06:50:14 UTC 2013
Author: carnil
Date: 2013-11-21 06:50:14 +0000 (Thu, 21 Nov 2013)
New Revision: 24367
Modified:
data/CVE/list
Log:
Update entry for CVE-2013-1417: mark not-affected for squeeze and wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-21 06:44:26 UTC (rev 24366)
+++ data/CVE/list 2013-11-21 06:50:14 UTC (rev 24367)
@@ -13995,6 +13995,9 @@
CVE-2013-1417 [KDC null deref due to referrals]
RESERVED
- krb5 <unfixed>
+ [squeeze] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
+ [wheezy] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
+ NOTE: https://github.com/krb5/krb5/commit/4c023ba43c16396f0d199e2df1cfa59b88b62acc
CVE-2013-1416 (The prep_reprocess_req function in do_tgs_req.c in the Key ...)
- krb5 1.10.1+dfsg-5 (low; bug #704775)
[squeeze] - krb5 <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list