[Secure-testing-commits] r28238 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 12 16:04:50 UTC 2014
Author: carnil
Date: 2014-08-12 16:04:50 +0000 (Tue, 12 Aug 2014)
New Revision: 28238
Modified:
data/CVE/list
Log:
Mark squeeze and wheezy version as unfixed, but unimportant
Rationale; Source code in principle affected, thus "unfixed", but
marking unimportant as this affects only the source and resulting binary
if one would compile with libserf. Version in stable uses neon.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-12 15:57:42 UTC (rev 28237)
+++ data/CVE/list 2014-08-12 16:04:50 UTC (rev 28238)
@@ -3927,6 +3927,8 @@
CVE-2014-3522 [incorrect SSL certificate validation in Serf RA (repository access) layer]
RESERVED
- subversion <unfixed>
+ [wheezy] - subversion <unfixed> (unimportant)
+ [squeeze] - subversion <unfixed> (unimportant)
NOTE: https://subversion.apache.org/security/CVE-2014-3522-advisory.txt
CVE-2014-3521
RESERVED
More information about the Secure-testing-commits
mailing list