[Secure-testing-commits] r39559 - data/CVE
Markus Koschany
apo-guest at moszumanska.debian.org
Tue Feb 9 13:07:20 UTC 2016
Author: apo-guest
Date: 2016-02-09 13:07:20 +0000 (Tue, 09 Feb 2016)
New Revision: 39559
Modified:
data/CVE/list
Log:
CVE-2014-3566 is fixed in wheezy for lighttpd 1.4.31-4+deb7u3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-09 10:03:27 UTC (rev 39558)
+++ data/CVE/list 2016-02-09 13:07:20 UTC (rev 39559)
@@ -47263,7 +47263,7 @@
- erlang 1:17.3-dfsg-3 (bug #771359)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang <no-dsa> (Minor issue)
- - lighttpd 1.4.35-4 (bug #765702)
+ [wheezy] - lighttpd 1.4.31-4+deb7u3 (bug #765702; medium)
NOTE: https://www.openssl.org/~bodo/ssl-poodle.pdf
NOTE: http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
More information about the Secure-testing-commits
mailing list