[Secure-testing-commits] r28700 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Sep 10 20:04:23 UTC 2014


Author: carnil
Date: 2014-09-10 20:04:22 +0000 (Wed, 10 Sep 2014)
New Revision: 28700

Modified:
   data/CVE/list
Log:
Add fixed version for two curl CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-10 18:16:58 UTC (rev 28699)
+++ data/CVE/list	2014-09-10 20:04:22 UTC (rev 28700)
@@ -6047,7 +6047,7 @@
 	RESERVED
 CVE-2014-3620 [libcurl cookie leak for TLDs]
 	RESERVED
-	- curl <unfixed>
+	- curl 7.38.0-1
 	NOTE: http://curl.haxx.se/docs/adv_20140910B.html
 CVE-2014-3619
 	RESERVED
@@ -6069,7 +6069,7 @@
 	[squeeze] - pdns-recursor <not-affected> (Only affects 3.6.0)
 CVE-2014-3613 [libcurl cookie leak with IP address as domain]
 	RESERVED
-	- curl <unfixed>
+	- curl 7.38.0-1
 	NOTE: http://curl.haxx.se/docs/adv_20140910A.html
 CVE-2014-3612
 	RESERVED




More information about the Secure-testing-commits mailing list