[Secure-testing-commits] r28946 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Sep 22 06:32:35 UTC 2014
Author: carnil
Date: 2014-09-22 06:32:35 +0000 (Mon, 22 Sep 2014)
New Revision: 28946
Modified:
data/CVE/list
Log:
Add CVE-2014-7144
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-22 06:26:43 UTC (rev 28945)
+++ data/CVE/list 2014-09-22 06:32:35 UTC (rev 28946)
@@ -1,6 +1,9 @@
CVE-2014-XXXX [Remote crash based on malformed SIP subscription]
- asterisk <not-affected> (only affects 12.x series)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-009.html
+CVE-2014-7144 [TLS cert verification option not honoured in paste configs]
+ - python-keystonemiddleware <unfixed>
+ - python-keystoneclient <unfixed>
CVE-2014-7143 [twisted: trustRoot not respected in HTTP client]
- twisted <unfixed> (bug #761983)
[wheezy] - twisted <not-affected> (Only affects 14.0 series)
More information about the Secure-testing-commits
mailing list