[Secure-testing-commits] r28405 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 21 07:55:52 UTC 2014
Author: carnil
Date: 2014-08-21 07:55:52 +0000 (Thu, 21 Aug 2014)
New Revision: 28405
Modified:
data/CVE/list
Log:
Add CVE-2014-3603, libopensaml2-java, unchecked
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-21 07:51:29 UTC (rev 28404)
+++ data/CVE/list 2014-08-21 07:55:52 UTC (rev 28405)
@@ -4069,8 +4069,12 @@
RESERVED
CVE-2014-3604
RESERVED
-CVE-2014-3603
+CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification]
RESERVED
+ - libopensaml2-java <undetermined>
+ NOTE: http://shibboleth.net/community/advisories/secadv_20140813.txt
+ NOTE: http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/DefaultBootstrap.java?r1=1622&r2=1666&pathrev=1666
+ TODO: check
CVE-2014-3602
RESERVED
NOT-FOR-US: OpenShift
More information about the Secure-testing-commits
mailing list