[Secure-testing-commits] r39560 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 9 13:20:53 UTC 2016
Author: carnil
Date: 2016-02-09 13:20:53 +0000 (Tue, 09 Feb 2016)
New Revision: 39560
Modified:
data/CVE/list
Log:
Add back version information for lighttpd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-09 13:07:20 UTC (rev 39559)
+++ data/CVE/list 2016-02-09 13:20:53 UTC (rev 39560)
@@ -47263,7 +47263,8 @@
- erlang 1:17.3-dfsg-3 (bug #771359)
[squeeze] - erlang <no-dsa> (Minor issue)
[wheezy] - erlang <no-dsa> (Minor issue)
- [wheezy] - lighttpd 1.4.31-4+deb7u3 (bug #765702; medium)
+ - lighttpd 1.4.35-4 (bug #765702)
+ [wheezy] - lighttpd 1.4.31-4+deb7u3
NOTE: https://www.openssl.org/~bodo/ssl-poodle.pdf
NOTE: http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
More information about the Secure-testing-commits
mailing list