libapache2-mod-nss: 1.0.11 entered unstbable introducing CVE-2015-3277

Note for reviewers; ommited the [stretch] tag since there is no upstream commit yet for CVE-2015-3277 so libapache2-mod-nss might migrate to testing (unless increased severity to RC) and giving later wrong information unles tracker updated again. But we could go both ways. git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@36094 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2015-08-16 06:18:30 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2015-08-16 06:18:30 +0000
commit: 1bd633895d6d2e270724151f66d639d9f53a1ffd (patch)
tree: ac9eaf52d124420ba1ff62b593e40e79c0263a62
parent: c29f068a5bbe4d94c31cc6486473c189eb8ab3e3 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 2afc5ce709..336f71066d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7132,7 +7132,9 @@ CVE-2015-3278 [incorrect multi-keyword mode cipherstring parsing]
 	NOT-FOR-US: nss_compat_ossl (OpenSSL to NSS Porting Library)
 CVE-2015-3277 [incorrect multi-keyword mode cipherstring parsing]
 	RESERVED
-	- libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
+	- libapache2-mod-nss <unfixed> (bug #795657)
+	[jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
+	[wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
 	NOTE: Introduced by https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 (1.10.11)
 CVE-2015-3276 [incorrect multi-keyword mode cipherstring parsing]
 	RESERVED
author	Salvatore Bonaccorso <carnil@debian.org>	2015-08-16 06:18:30 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2015-08-16 06:18:30 +0000
commit	1bd633895d6d2e270724151f66d639d9f53a1ffd (patch)
tree	ac9eaf52d124420ba1ff62b593e40e79c0263a62
parent	c29f068a5bbe4d94c31cc6486473c189eb8ab3e3 (diff)