[Secure-testing-commits] r29379 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Mon Oct 13 15:40:52 UTC 2014


Author: fgeek-guest
Date: 2014-10-13 15:40:52 +0000 (Mon, 13 Oct 2014)
New Revision: 29379

Modified:
   data/CVE/list
Log:
new ejabberd issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-13 10:08:44 UTC (rev 29378)
+++ data/CVE/list	2014-10-13 15:40:52 UTC (rev 29379)
@@ -1,3 +1,7 @@
+CVE-2014-XXXX [ejabberd: compression allows cirucumvention of encryption despite starttls_required]
+	- ejabberd <unfixed>
+	NOTE: http://mail.jabber.org/pipermail/operators/2014-October/002438.html
+	NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b
 CVE-2014-8241
 	- tigervnc <itp> (bug #650394)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151312




More information about the Secure-testing-commits mailing list