diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2015-08-16 06:18:30 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2015-08-16 06:18:30 +0000 |
commit | 1bd633895d6d2e270724151f66d639d9f53a1ffd (patch) | |
tree | ac9eaf52d124420ba1ff62b593e40e79c0263a62 | |
parent | c29f068a5bbe4d94c31cc6486473c189eb8ab3e3 (diff) |
libapache2-mod-nss: 1.0.11 entered unstbable introducing CVE-2015-3277
Note for reviewers; ommited the [stretch] tag since there is no upstream
commit yet for CVE-2015-3277 so libapache2-mod-nss might migrate to
testing (unless increased severity to RC) and giving later wrong
information unles tracker updated again. But we could go both ways.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@36094 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 2afc5ce709..336f71066d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -7132,7 +7132,9 @@ CVE-2015-3278 [incorrect multi-keyword mode cipherstring parsing] NOT-FOR-US: nss_compat_ossl (OpenSSL to NSS Porting Library) CVE-2015-3277 [incorrect multi-keyword mode cipherstring parsing] RESERVED - - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11) + - libapache2-mod-nss <unfixed> (bug #795657) + [jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11) + [wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11) NOTE: Introduced by https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.10.11) CVE-2015-3276 [incorrect multi-keyword mode cipherstring parsing] RESERVED |