[Secure-testing-commits] r28229 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 12 09:23:13 UTC 2014
Author: carnil
Date: 2014-08-12 09:23:13 +0000 (Tue, 12 Aug 2014)
New Revision: 28229
Modified:
data/CVE/list
Log:
Add CVE-2014-3522/subversion
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-12 09:14:11 UTC (rev 28228)
+++ data/CVE/list 2014-08-12 09:23:13 UTC (rev 28229)
@@ -3911,8 +3911,10 @@
RESERVED
CVE-2014-3523 (Memory leak in the winnt_accept function in server/mpm/winnt/child.c ...)
- apache2 <not-affected> (Affects only Windows systems)
-CVE-2014-3522
+CVE-2014-3522 [incorrect SSL certificate validation in Serf RA (repository access) layer]
RESERVED
+ - subversion <unfixed>
+ TODO: check, only affects subversion clients which use the Serf RA layer.
CVE-2014-3521
RESERVED
CVE-2014-3520 [Keystone V2 trusts privilege escalation through user supplied project id]
More information about the Secure-testing-commits
mailing list