[Secure-testing-commits] r26260 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Mar 26 15:41:00 UTC 2014
Author: carnil
Date: 2014-03-26 15:41:00 +0000 (Wed, 26 Mar 2014)
New Revision: 26260
Modified:
data/CVE/list
Log:
Add two curl CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-26 15:37:54 UTC (rev 26259)
+++ data/CVE/list 2014-03-26 15:41:00 UTC (rev 26260)
@@ -6562,10 +6562,14 @@
RESERVED
CVE-2014-0140
RESERVED
-CVE-2014-0139
+CVE-2014-0139 [libcurl IP address wildcard certificate validation]
RESERVED
-CVE-2014-0138
+ - curl <unfixed>
+ NOTE: http://curl.haxx.se/libcurl-reject-cert-ip-wildcards.patch
+CVE-2014-0138 [libcurl wrong re-use of connections]
RESERVED
+ - curl <unfixed>
+ NOTE: http://curl.haxx.se/libcurl-bad-reuse.patch
CVE-2014-0137
RESERVED
CVE-2014-0136
More information about the Secure-testing-commits
mailing list