[Secure-testing-commits] r35167 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Fri Jun 26 10:31:52 UTC 2015
Author: agx
Date: 2015-06-26 10:31:52 +0000 (Fri, 26 Jun 2015)
New Revision: 35167
Modified:
data/CVE/list
Log:
Mark freeradius issues as no-dsa
Following the reasoning of the security team:
The upstream recommended configuration is to use self-signed CAs for
EAP-TLS methods. See raddb/certs/README
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-26 10:19:14 UTC (rev 35166)
+++ data/CVE/list 2015-06-26 10:31:52 UTC (rev 35167)
@@ -825,6 +825,7 @@
- freeradius <unfixed> (bug #789623)
[jessie] - freeradius <no-dsa> (Minor issue)
[wheezy] - freeradius <no-dsa> (Minor issue)
+ [squeeze] - freeradius <no-dsa> (Minor issue)
NOTE: Recommended configuration is to use self-signed CAs for EAP-TLS methods.
NOTE: See raddb/certs/README
NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/5e698b407dcac2bc45cf03484bac4398109d25c3 (v2.x.x branch)
More information about the Secure-testing-commits
mailing list