[Secure-testing-commits] r39302 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Fri Jan 29 17:16:08 UTC 2016
Author: anarcat
Date: 2016-01-29 17:16:08 +0000 (Fri, 29 Jan 2016)
New Revision: 39302
Modified:
data/CVE/list
Log:
Summary: clarify why we ignore 2015-3197
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-29 17:05:09 UTC (rev 39301)
+++ data/CVE/list 2016-01-29 17:16:08 UTC (rev 39302)
@@ -21076,7 +21076,7 @@
CVE-2015-3197
RESERVED
- openssl 1.0.0c-2
- [squeeze] - openssl <no-dsa> (Minor issue)
+ [squeeze] - openssl <no-dsa> (Minor issue affecting only SSLv2)
NOTE: 1.0.0c-2 dropped SSLv2 support
NOTE: No MITM: https://bugzilla.redhat.com/show_bug.cgi?id=1301846#c3
CVE-2015-3196 (ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ...)
More information about the Secure-testing-commits
mailing list