[Secure-testing-commits] r47289 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 21 16:34:16 UTC 2016
Author: carnil
Date: 2016-12-21 16:34:16 +0000 (Wed, 21 Dec 2016)
New Revision: 47289
Modified:
data/CVE/list
Log:
Add notes for CVE-2016-0736/apache2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-21 16:32:39 UTC (rev 47288)
+++ data/CVE/list 2016-12-21 16:34:16 UTC (rev 47289)
@@ -38361,10 +38361,12 @@
[jessie] - swift <not-affected> (Vulnerable code not present)
[wheezy] - swift <not-affected> (Vulnerable code not present)
NOTE: Swift: >=2.2.1 <= 2.3.0
-CVE-2016-0736
+CVE-2016-0736 [Padding Oracle in Apache mod_session_crypto]
RESERVED
- apache2 <unfixed>
NOTE: https://lists.apache.org/thread.html/139862b41c0dfd5e6e00ad89c00119f9faf0dd41a2f927da9c9a4076@%3Cannounce.httpd.apache.org%3E
+ NOTE: Affects: 2.4.1 to 2.4.23
+ NOTE: Fixed in 2.4.25
CVE-2016-0735 (Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to ...)
NOT-FOR-US: Apache Ranger
CVE-2016-0734 (The web-based administration console in Apache ActiveMQ 5.x before ...)
More information about the Secure-testing-commits
mailing list