[Secure-testing-commits] r28502 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 29 04:03:45 UTC 2014
Author: carnil
Date: 2014-08-29 04:03:45 +0000 (Fri, 29 Aug 2014)
New Revision: 28502
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-3603/libopensaml2-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-28 21:14:11 UTC (rev 28501)
+++ data/CVE/list 2014-08-29 04:03:45 UTC (rev 28502)
@@ -4420,7 +4420,7 @@
NOTE: http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/2014-August/000832.html
CVE-2014-3603 [HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification]
RESERVED
- - libopensaml2-java <unfixed> (bug #759470)
+ - libopensaml2-java 2.6.2-1 (bug #759470)
NOTE: http://shibboleth.net/community/advisories/secadv_20140813.txt
NOTE: http://svn.shibboleth.net/view/java-opensaml2/branches/REL_2/src/main/java/org/opensaml/DefaultBootstrap.java?r1=1622&r2=1666&pathrev=1666
CVE-2014-3602
More information about the Secure-testing-commits
mailing list