[Secure-testing-commits] r25902 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Feb 27 14:07:53 UTC 2014
Author: jmm
Date: 2014-02-27 14:07:52 +0000 (Thu, 27 Feb 2014)
New Revision: 25902
Modified:
data/CVE/list
Log:
rewrite gnutls entry (useful for people tracking lenny)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-27 14:00:45 UTC (rev 25901)
+++ data/CVE/list 2014-02-27 14:07:52 UTC (rev 25902)
@@ -3229,8 +3229,8 @@
CVE-2011-5269 (Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 ...)
NOT-FOR-US: ProjectForge
CVE-2009-5138 [gnutls: incorrect handling of V1 intermediate certificates]
- - gnutls26 <not-affected> (versions before 2.7.6)
- - gnutls28 <not-affected> (versions before 2.7.6)
+ - gnutls26 2.7.12-1
+ - gnutls28 <not-affected> (Only affects versions before 2.7.6)
NOTE: Only affects version prior of 2.7.6, fix: https://gitorious.org/gnutls/gnutls/commit/c8dcbedd1fdc312f5b1a70fcfbc1afe235d800cd
NOTE: and the issue has different root than CVE-2014-1959
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1069301
More information about the Secure-testing-commits
mailing list