[Secure-testing-commits] r52781 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jun 21 12:49:49 UTC 2017
Author: carnil
Date: 2017-06-21 12:49:48 +0000 (Wed, 21 Jun 2017)
New Revision: 52781
Modified:
data/CVE/list
Log:
Mark CVE-2017-7522 as not-affected for jessie, and thus wheezy as well
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-21 12:49:20 UTC (rev 52780)
+++ data/CVE/list 2017-06-21 12:49:48 UTC (rev 52781)
@@ -6587,6 +6587,8 @@
CVE-2017-7522 [Crash mbed TLS/PolarSSL-based server]
RESERVED
- openvpn <unfixed> (unimportant)
+ [jessie] - openvpn <not-affected> (x509-track implemented in 2.4.0)
+ [wheezy] - penvpn <not-affected> (x509-track implemented in 2.4.0)
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/426392940c
NOTE: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
NOTE: http://www.openwall.com/lists/oss-security/2017/06/21/6
More information about the Secure-testing-commits
mailing list