[Secure-testing-commits] r57149 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Oct 30 21:30:00 UTC 2017
Author: carnil
Date: 2017-10-30 21:30:00 +0000 (Mon, 30 Oct 2017)
New Revision: 57149
Modified:
data/CVE/list
Log:
Add information for CVE-2015-3249, possibly only starting from 5.3.0 upstream
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-30 21:26:56 UTC (rev 57148)
+++ data/CVE/list 2017-10-30 21:30:00 UTC (rev 57149)
@@ -92808,7 +92808,8 @@
- apache-directory-api 1.0.0~M20-3 (bug #791957)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/5
CVE-2015-3249 (The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before ...)
- TODO: check
+ - trafficserver 5.3.1-1
+ NOTE: http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E
CVE-2015-3248 (openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable ...)
- openhpi <not-affected> (Only affects RPM packaging, in Debian directory is not world-writable, bug #789543)
CVE-2015-3247 (Race condition in the worker_update_monitors_config function in SPICE ...)
More information about the Secure-testing-commits
mailing list