[Secure-testing-commits] r29669 - data/CVE
Kurt Roeckx
kroeckx at moszumanska.debian.org
Sun Oct 26 15:55:32 UTC 2014
Author: kroeckx
Date: 2014-10-26 15:55:31 +0000 (Sun, 26 Oct 2014)
New Revision: 29669
Modified:
data/CVE/list
Log:
CVE-2013-0169/Lucky13: Add all SSL/TLS libraries.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-26 13:59:38 UTC (rev 29668)
+++ data/CVE/list 2014-10-26 15:55:31 UTC (rev 29669)
@@ -40771,6 +40771,16 @@
[squeeze] - nss <no-dsa> (Minor issue)
- openjdk-7 7u3-2.1.6-1
- openjdk-6 6b27-1.12.3-1
+ - gnutls26 2.12.20-4
+ [squeeze] - gnutls26 <no-dsa> (Too intrusive to backport)
+ - gnutls28 3.0.22-3
+ - cyassl 2.9.4+dfsg-1
+ - haskell-tls <unfixed>
+ - matrixssl <unfixed>
+ NOTE: matrixssl fixed this upstream in 3.4.1
+ - ocaml-ssl <unfixed>
+ - tlslite <unfixed>
+ - tomcatjss <unfixed>
NOTE: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
CVE-2013-0168 (The MoveDisk command in Red Hat Enterprise Virtualization Manager ...)
NOTE: RHEV management tool
More information about the Secure-testing-commits
mailing list