[Secure-testing-commits] r34834 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jun 9 20:33:08 UTC 2015
Author: carnil
Date: 2015-06-09 20:33:08 +0000 (Tue, 09 Jun 2015)
New Revision: 34834
Modified:
data/CVE/list
Log:
Update CVE-2015-3420
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-09 19:23:11 UTC (rev 34833)
+++ data/CVE/list 2015-06-09 20:33:08 UTC (rev 34834)
@@ -2145,9 +2145,9 @@
CVE-2015-3420 [SSL/TLS handshake failures leading to a crash of the login process]
RESERVED
- dovecot 1:2.2.13-12 (bug #783649)
+ [jessie] - dovecot <no-dsa> (Minor issue, can be fixed through a pu)
+ [wheezy] - dovecot <not-affected> (Problematic patch introducing the issue not applied)
[squeeze] - dovecot <not-affected> (Vulnerable code not present & not reproducible)
- [jessie] - dovecot <no-dsa> (Minor issue, can be fixed through a pu although introduced via security update)
- [wheezy] - dovecot <no-dsa> (Minor issue, can be fixed through a pu although introduced via security update)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/3
NOTE: Patch: http://hg.dovecot.org/dovecot-2.2/rev/86f535375750
NOTE: Segfault reproducible if using openssl/1.0.2a-1 from sid.
More information about the Secure-testing-commits
mailing list