[Secure-testing-commits] r33452 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Apr 9 06:05:28 UTC 2015
Author: carnil
Date: 2015-04-09 06:05:28 +0000 (Thu, 09 Apr 2015)
New Revision: 33452
Modified:
data/CVE/list
Log:
Add CVE-2015-1855/ruby from external check
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-09 06:00:31 UTC (rev 33451)
+++ data/CVE/list 2015-04-09 06:05:28 UTC (rev 33452)
@@ -2840,8 +2840,15 @@
RESERVED
CVE-2015-1856
RESERVED
-CVE-2015-1855
+CVE-2015-1855 [OpenSSL extension hostname matching implementation violates RFC 6125]
RESERVED
+ - ruby1.8 <removed>
+ - ruby1.9.1 <removed>
+ - ruby2.0 <removed>
+ - ruby2.1 <unfixed>
+ - ruby2.2 <unfixed>
+ NOTE: https://github.com/ruby/openssl/commit/e9a7bcb8bf2902f907c148a00bbcf21d3fa79596
+ TODO: check
CVE-2015-1854
RESERVED
CVE-2015-1853 [authentication doesn't protect symmetric associations against DoS attacks]
More information about the Secure-testing-commits
mailing list