[Secure-testing-commits] r31199 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Jan 8 18:02:25 UTC 2015
Author: jmm
Date: 2015-01-08 18:02:24 +0000 (Thu, 08 Jan 2015)
New Revision: 31199
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
add openssl to dsa-needed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-08 17:21:42 UTC (rev 31198)
+++ data/CVE/list 2015-01-08 18:02:24 UTC (rev 31199)
@@ -4906,8 +4906,7 @@
RESERVED
CVE-2014-8151 [libcurl/darwinssl certificate check bypass]
RESERVED
- - curl <unfixed> (unimportant)
- NOTE: only relevant when building with darwinssl
+ - curl <not-affected> (Only relevant when building with darwinssl/Mac OS X)
NOTE: http://curl.haxx.se/docs/adv_20150108A.html
CVE-2014-8150 [URL request injection]
RESERVED
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2015-01-08 17:21:42 UTC (rev 31198)
+++ data/dsa-needed.txt 2015-01-08 18:02:24 UTC (rev 31199)
@@ -36,6 +36,8 @@
RH has moved to 3.16 even in EL5, Ubuntu uses 3.17 across the LTSes, maybe we should follow that approach
Debdiff applied against current version for interim update: https://people.debian.org/~carnil/tmp/nss/
--
+openssl
+--
openswan (corsac)
NOTE: regression fix needed for CVE-2013-2053 (#743332) and CVE-2013-6466
(#744717)
More information about the Secure-testing-commits
mailing list