[Secure-testing-commits] r30045 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Nov 13 19:43:35 UTC 2014
Author: jmm
Date: 2014-11-13 19:43:34 +0000 (Thu, 13 Nov 2014)
New Revision: 30045
Modified:
data/CVE/list
Log:
one further jessie issue no-dsa
remove aolserver from poodle entry, only uses openssl so once disabled there it's fixed along
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-13 19:42:55 UTC (rev 30044)
+++ data/CVE/list 2014-11-13 19:43:34 UTC (rev 30045)
@@ -11927,7 +11927,6 @@
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...)
- - aolserver4-nsopenssl <unfixed>
- apache2 2.4.10-6
- arora <unfixed> (unimportant)
- bouncycastle <unfixed>
@@ -57959,6 +57958,7 @@
CVE-2011-4968 [nginx http proxy module does not verify peer identity of https origin server]
RESERVED
- nginx <unfixed> (low; bug #697940)
+ [jessie] - nginx <no-dsa> (Minor issue)
[squeeze] - nginx <no-dsa> (Minor issue)
[wheezy] - nginx <no-dsa> (Minor issue)
NOTE: http://trac.nginx.org/nginx/ticket/13
More information about the Secure-testing-commits
mailing list