[Secure-testing-commits] r47100 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 15 12:13:29 UTC 2016
Author: carnil
Date: 2016-12-15 12:13:29 +0000 (Thu, 15 Dec 2016)
New Revision: 47100
Modified:
data/CVE/list
Log:
Clarify scope question for CVE-2016-9574
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-15 12:03:19 UTC (rev 47099)
+++ data/CVE/list 2016-12-15 12:13:29 UTC (rev 47100)
@@ -7961,8 +7961,9 @@
- nss <unfixed>
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1320695
NOTE: The issue persists (although without segfault) up to 3.27. Using SessionTicket extension along
- NOTE: with any ECDHE-ECDSA ciphersuite renders unusable any subsequent connection to selfserv.
+ NOTE: with any ECDHE-ECDSA ciphersuite renders unusable any subsequent connection to selfserv.
NOTE: Proposed patch (not yet) finalized in upstream bug 1320695.
+ NOTE: Scope of the CVE is not yet clear.
CVE-2016-9573
RESERVED
- openjpeg2 <unfixed>
More information about the Secure-testing-commits
mailing list