[Secure-testing-commits] r39648 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Feb 13 14:08:08 UTC 2016
Author: jmm
Date: 2016-02-13 14:08:08 +0000 (Sat, 13 Feb 2016)
New Revision: 39648
Modified:
data/CVE/list
Log:
reset to <unfixed> (unimportant), which is what we use for issues found in
the source package, but not shipped in the binary package. once the
sample code is fixed, it can be set as the fixed version
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-13 13:35:34 UTC (rev 39647)
+++ data/CVE/list 2016-02-13 14:08:08 UTC (rev 39648)
@@ -993,8 +993,8 @@
- node-cli <unfixed> (bug #809252)
[jessie] - node-cli <no-dsa> (Minor issue)
CVE-2016-2049 (examples/consumer/common.php in JanRain PHP OpenID library (aka ...)
- - php-openid <not-affected> (vulnerable code not present)
- NOTE: sample code only, actual vulnerable code not found anywhere in Debian
+ - php-openid <unfixed> (unimportant)
+ NOTE: sample code only, actual vulnerable code not shipped in package
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/2
NOTE: https://github.com/openid/php-openid/issues/128
CVE-2016-2047 (The ssl_verify_server_cert function in sql-common/client.c in MariaDB ...)
More information about the Secure-testing-commits
mailing list