[Secure-testing-commits] r25264 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jan 17 20:27:47 UTC 2014
Author: carnil
Date: 2014-01-17 20:27:47 +0000 (Fri, 17 Jan 2014)
New Revision: 25264
Modified:
data/CVE/list
Log:
CVE-2013-7041/pam seems to be still unfixed; uses strncasecmp to compare hashes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-17 20:17:47 UTC (rev 25263)
+++ data/CVE/list 2014-01-17 20:27:47 UTC (rev 25264)
@@ -2759,7 +2759,7 @@
RESERVED
CVE-2013-7041 [pam_userdb: password hashes aren't compared case-sensitively]
RESERVED
- - pam 1.1.8-1 (low; bug #731368)
+ - pam <unfixed> (low; bug #731368)
[squeeze] - pam <no-dsa> (Minor issue)
[wheezy] - pam <no-dsa> (Minor issue)
CVE-2013-7040
More information about the Secure-testing-commits
mailing list