[Secure-testing-commits] r26168 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 18 20:23:04 UTC 2014
Author: carnil
Date: 2014-03-18 20:23:04 +0000 (Tue, 18 Mar 2014)
New Revision: 26168
Modified:
data/CVE/list
Log:
Mark nginx issue as unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-18 18:56:24 UTC (rev 26167)
+++ data/CVE/list 2014-03-18 20:23:04 UTC (rev 26168)
@@ -6146,11 +6146,11 @@
RESERVED
CVE-2014-0133 [nginx: SPDY heap buffer overflow]
RESERVED
- - nginx <unfixed> (bug #742059)
+ - nginx <unfixed> (unimportant; bug #742059)
[wheezy] - nginx <not-affected> (Vulnerable code not present)
[squeeze] - nginx <not-affected> (Vulnerable code not present)
NOTE: ngx_http_spdy_module introduced in 1.3.15
- NOTE: Debian compiles with --with-http_spdy_module
+ NOTE: Debian compiles with --with-http_spdy_module, but also with --with-debug
CVE-2014-0132 [flaw in parsing authzid can lead to privilege escalation]
RESERVED
- 389-ds-base <unfixed> (bug #741600)
More information about the Secure-testing-commits
mailing list