[Secure-testing-commits] r39495 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Fri Feb 5 20:37:19 UTC 2016
Author: anarcat
Date: 2016-02-05 20:37:19 +0000 (Fri, 05 Feb 2016)
New Revision: 39495
Modified:
data/CVE/list
Log:
Summary: no openid code vulnerable to CVE-2016-2049 found in Debian
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-05 20:15:33 UTC (rev 39494)
+++ data/CVE/list 2016-02-05 20:37:19 UTC (rev 39495)
@@ -667,8 +667,11 @@
[jessie] - node-cli <no-dsa> (Minor issue)
CVE-2016-2049 (examples/consumer/common.php in JanRain PHP OpenID library (aka ...)
- php-openid <unfixed>
+ [jessie] - php-openid <no-dsa> (sample code only, no vulnerable code found in Debian)
+ [wheezy] - php-openid <no-dsa> (sample code only, no vulnerable code found in Debian)
+ [squeeze] - php-openid <no-dsa> (sample code only, no vulnerable code found in Debian)
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/2
- TODO: check
+ NOTE: https://github.com/openid/php-openid/issues/128
CVE-2016-2047 (The ssl_verify_server_cert function in sql-common/client.c in MariaDB ...)
{DSA-3453-1}
- mariadb-10.0 10.0.23-1
More information about the Secure-testing-commits
mailing list