[Secure-testing-commits] r26283 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Mar 27 13:52:50 UTC 2014


Author: jmm
Date: 2014-03-27 13:52:49 +0000 (Thu, 27 Mar 2014)
New Revision: 26283

Modified:
   data/CVE/list
Log:
fix curl entry


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-27 12:20:46 UTC (rev 26282)
+++ data/CVE/list	2014-03-27 13:52:49 UTC (rev 26283)
@@ -3546,7 +3546,8 @@
 CVE-2014-1264 (Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after ...)
 	NOT-FOR-US: Apple
 CVE-2014-1263 (curl in Apple OS X 10.9.x before 10.9.2 does not verify X.509 ...)
-	NOT-FOR-US: Apple
+	- curl <not-affected> (Only applies to Curl on Mac OS or iOS)
+	NOTE: http://curl.haxx.se/docs/adv_20140326C.html
 CVE-2014-1262 (Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers ...)
 	NOT-FOR-US: Apple
 CVE-2014-1261 (Integer signedness error in CoreText in Apple OS X before 10.9.2 ...)




More information about the Secure-testing-commits mailing list