[Secure-testing-commits] r31195 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jan 8 11:31:21 UTC 2015
Author: carnil
Date: 2015-01-08 11:31:21 +0000 (Thu, 08 Jan 2015)
New Revision: 31195
Modified:
data/CVE/list
Log:
Update curl entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-08 11:27:37 UTC (rev 31194)
+++ data/CVE/list 2015-01-08 11:31:21 UTC (rev 31195)
@@ -4873,11 +4873,15 @@
RESERVED
CVE-2014-8152
RESERVED
-CVE-2014-8151
+CVE-2014-8151 [libcurl/darwinssl certificate check bypass]
RESERVED
-CVE-2014-8150
+ - curl <unfixed> (unimportant)
+ NOTE: only relevant when building with darwinssl
+ NOTE: http://curl.haxx.se/docs/adv_20150108A.html
+CVE-2014-8150 [URL request injection]
RESERVED
- curl 7.38.0-4
+ NOTE: http://curl.haxx.se/docs/adv_20150108B.html
CVE-2014-8149
RESERVED
CVE-2014-8148 [midgard-core configures D-Bus system bus to be insecure]
More information about the Secure-testing-commits
mailing list