[Secure-testing-commits] r28444 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Aug 23 11:55:54 UTC 2014
Author: carnil
Date: 2014-08-23 11:55:53 +0000 (Sat, 23 Aug 2014)
New Revision: 28444
Modified:
data/CVE/list
Log:
Add CVE-2014-3604/not-yet-commons-ssl; from external check
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-23 06:23:51 UTC (rev 28443)
+++ data/CVE/list 2014-08-23 11:55:53 UTC (rev 28444)
@@ -4230,8 +4230,10 @@
RESERVED
CVE-2014-3605
RESERVED
-CVE-2014-3604
+CVE-2014-3604 [Hostname verification susceptible to MITM attack]
RESERVED
+ - not-yet-commons-ssl <unfixed>
+ NOTE: http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/2014-August/000832.html
CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification]
RESERVED
- libopensaml2-java <undetermined>
More information about the Secure-testing-commits
mailing list