[Secure-testing-commits] r28230 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 12 09:23:25 UTC 2014
Author: carnil
Date: 2014-08-12 09:23:25 +0000 (Tue, 12 Aug 2014)
New Revision: 28230
Modified:
data/CVE/list
Log:
Add CVE-2014-3504/serf from external check, not yet verified fixed version
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-12 09:23:13 UTC (rev 28229)
+++ data/CVE/list 2014-08-12 09:23:25 UTC (rev 28230)
@@ -3978,8 +3978,10 @@
RESERVED
{DSA-2998-1}
- openssl 1.0.1i-1
-CVE-2014-3504
+CVE-2014-3504 [failure to properly handle a NUL character in the CommonName or SubjectAltNames fields]
RESERVED
+ - serf <unfixed>
+ TODO: check
CVE-2014-3503 (Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate ...)
NOT-FOR-US: Apache Syncope
CVE-2014-3502
More information about the Secure-testing-commits
mailing list