[Secure-testing-commits] r47131 - data/CVE

[Markus Koschany]

Author: apo
Date: 2016-12-16 13:49:38 +0000 (Fri, 16 Dec 2016)
New Revision: 47131

Modified:
   data/CVE/list
Log:
CVE-2015-8786,rabbitmq-server: Mark Wheezy as not affected because

the lengths_age or lengths_incr parameters are not present thus the denial of
service attack won't work.




Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-16 13:27:58 UTC (rev 47130)
+++ data/CVE/list	2016-12-16 13:49:38 UTC (rev 47131)
@@ -33190,6 +33190,7 @@
 CVE-2015-8786 (The Management plugin in RabbitMQ before 3.6.1 allows remote ...)
 	- rabbitmq-server 3.6.5-1
 	[jessie] - rabbitmq-server <no-dsa> (Minor issue)
+	[wheezy] - rabbitmq-server <not-affected> (lengths_age or lengths_incr parameters are not present)
 	NOTE: https://github.com/rabbitmq/rabbitmq-management/issues/97
 CVE-2016-XXXX [out of bound read and write issues]
 	- giflib 5.1.4-0.1 (bug #820594)