[Secure-testing-commits] r33945 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Apr 29 14:16:11 UTC 2015
Author: carnil
Date: 2015-04-29 14:16:11 +0000 (Wed, 29 Apr 2015)
New Revision: 33945
Modified:
data/CVE/list
Log:
Add CVE-2015-3152
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-29 13:42:16 UTC (rev 33944)
+++ data/CVE/list 2015-04-29 14:16:11 UTC (rev 33945)
@@ -625,8 +625,13 @@
RESERVED
- curl 7.42.1-1
NOTE: http://curl.haxx.se/docs/adv_20150429.html
-CVE-2015-3152
+CVE-2015-3152 [MySQL SSL/TLS downgrade]
RESERVED
+ - mariadb-10.0 <unfixed>
+ - percona-xtradb-cluster-5.5 <unfixed>
+ NOTE: CVE was assigned explicitly only for MariaDB and Percona, but not Oracle MySQL
+ NOTE: since Oracle is a CNA itself.
+ NOTE: http://www.ocert.org/advisories/ocert-2015-003.html
CVE-2015-3151 [abrt: directory traversals in several D-Bus methods implemented by abrt-dbus]
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
More information about the Secure-testing-commits
mailing list