[Secure-testing-commits] r32801 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-03-11 19:31:21 +0000 (Wed, 11 Mar 2015)
New Revision: 32801

Modified:
   data/CVE/list
Log:
Update information for CVE-2015-1027

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-11 16:19:00 UTC (rev 32800)
+++ data/CVE/list	2015-03-11 19:31:21 UTC (rev 32801)
@@ -3632,11 +3632,12 @@
 	NOTE: http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/2015-January/009318.html
 CVE-2015-1028 (Multiple cross-site scripting (XSS) vulnerabilities in D-Link ...)
 	NOT-FOR-US: D-Link router
-CVE-2015-1027
+CVE-2015-1027 [MITM vulnerability via version check]
 	RESERVED
+	- percona-toolkit <unfixed>
 	- percona-xtrabackup <unfixed>
-	NOTE: http://lists.opensuse.org/opensuse-updates/2015-03/msg00030.html
-	TODO: check
+	NOTE: Effect mitigated because of disabled automatic version check due to CVE-2014-2029
+	TODO: check details
 CVE-2015-1026
 	RESERVED
 CVE-2015-1025