[Secure-testing-commits] r33951 - data/CVE

Alessandro Ghedini ghedo at moszumanska.debian.org
Wed Apr 29 17:11:46 UTC 2015


Author: ghedo
Date: 2015-04-29 17:11:46 +0000 (Wed, 29 Apr 2015)
New Revision: 33951

Modified:
   data/CVE/list
Log:
Mark CVE-2015-3154/curl as no-dsa in (old)oldstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-29 16:46:11 UTC (rev 33950)
+++ data/CVE/list	2015-04-29 17:11:46 UTC (rev 33951)
@@ -624,6 +624,8 @@
 CVE-2015-3153 [sensitive HTTP server headers also sent to proxies]
 	RESERVED
 	- curl 7.42.1-1
+	[wheezy] - curl <no-dsa> (Too intrusive to backport)
+	[squeeze] - curl <no-dsa> (Too intrusive to backport)
 	NOTE: http://curl.haxx.se/docs/adv_20150429.html
 CVE-2015-3152 [MySQL SSL/TLS downgrade]
 	RESERVED




More information about the Secure-testing-commits mailing list