[Secure-testing-commits] r25763 - data/CVE

Sun Feb 16 13:25:50 UTC 2014

Author: carnil
Date: 2014-02-16 13:25:50 +0000 (Sun, 16 Feb 2014)
New Revision: 25763

Modified:
   data/CVE/list
Log:
Add temporary entry for freeradius issue, CVE requested by fw

http://www.openwall.com/lists/oss-security/2014/02/16/1

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-02-16 13:19:15 UTC (rev 25762)
+++ data/CVE/list	2014-02-16 13:25:50 UTC (rev 25763)
@@ -1,3 +1,7 @@
+CVE-2014-XXXX [denial of service in rlm_pap hash processing]
+	- freeradius <unfixed>
+	NOTE: http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
+	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a.patch
 CVE-2014-1959 [GNUTLS-SA-2014-1]
 	- gnutls26 2.12.23-12
 	[squeeze] - gnutls26 <not-affected> (does not allow X.509 v1 certificates by default)


