[Secure-testing-commits] r39285 - data/CVE

Guido Guenther agx at moszumanska.debian.org
Fri Jan 29 09:15:31 UTC 2016


Author: agx
Date: 2016-01-29 09:15:31 +0000 (Fri, 29 Jan 2016)
New Revision: 39285

Modified:
   data/CVE/list
Log:
Mark CVE-2015-3197 as no-das in squeeze

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-29 09:14:49 UTC (rev 39284)
+++ data/CVE/list	2016-01-29 09:15:31 UTC (rev 39285)
@@ -21039,7 +21039,9 @@
 CVE-2015-3197
 	RESERVED
 	- openssl 1.0.0c-2
+	[squeeze] - openssl <no-dsa> (Minor issue)
 	NOTE: 1.0.0c-2 dropped SSLv2 support
+	NOTE: No MITM: https://bugzilla.redhat.com/show_bug.cgi?id=1301846#c3
 CVE-2015-3196 (ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ...)
 	{DSA-3413-1}
 	- openssl 1.0.2d-1




More information about the Secure-testing-commits mailing list