[Secure-testing-commits] r49113 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Feb 22 05:36:19 UTC 2017
Author: carnil
Date: 2017-02-22 05:36:19 +0000 (Wed, 22 Feb 2017)
New Revision: 49113
Modified:
data/CVE/list
Log:
Add CVE-2017-2629/curl
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-22 05:36:11 UTC (rev 49112)
+++ data/CVE/list 2017-02-22 05:36:19 UTC (rev 49113)
@@ -9631,8 +9631,13 @@
- qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422415
-CVE-2017-2629
+CVE-2017-2629 [SSL_VERIFYSTATUS ignored]
RESERVED
+ - curl <unfixed>
+ [jessie] - curl <not-affected> (Vulnerable code introduced later)
+ [wheezy] - curl <not-affected> (Vulnerable code introduced later)
+ NOTE: Patch: https://curl.haxx.se/CVE-2017-2629.patch
+ NOTE: https://curl.haxx.se/docs/adv_20170222.html
CVE-2017-2628
RESERVED
CVE-2017-2627 [openstack-tripleo-common: sudoers file is too permissive]
More information about the Secure-testing-commits
mailing list