[Secure-testing-commits] r29510 - data/DSA
Kurt Roeckx
kroeckx at moszumanska.debian.org
Sat Oct 18 17:24:26 UTC 2014
Author: kroeckx
Date: 2014-10-18 17:24:26 +0000 (Sat, 18 Oct 2014)
New Revision: 29510
Modified:
data/DSA/list
Log:
CVE-2014-3566 is not fixed in openssl 1.0.1e-2+deb7u13
CVE-2014-3566 is the SSL 3.0 protocol issue. It only contains something for the
fallback attack which is a separate issue that does not have a CVE. The only
way to fix it is to disable SSL 3.0.
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2014-10-18 13:52:45 UTC (rev 29509)
+++ data/DSA/list 2014-10-18 17:24:26 UTC (rev 29510)
@@ -1,5 +1,5 @@
[16 Oct 2014] DSA-3053-1 openssl - security update
- {CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568}
+ {CVE-2014-3513 CVE-2014-3567 CVE-2014-3568}
[wheezy] - openssl 1.0.1e-2+deb7u13
[15 Oct 2014] DSA-3052-1 wpa - security update
{CVE-2014-3686}
More information about the Secure-testing-commits
mailing list