diff options
| author | Stefan Fritsch <sf@debian.org> | 2009-11-27 18:26:46 +0000 |
|---|---|---|
| committer | Stefan Fritsch <sf@debian.org> | 2009-11-27 18:26:46 +0000 |
| commit | a937c85606471674316cac972a51f3f1a755bd88 (patch) | |
| tree | e0b980474779f99703ec89ca876215d1fd961f85 /data | |
| parent | f5fe10e553e00d473cc68d0773b1af1ae23f51a2 (diff) | |
nginx tls reneg disabled in unstable
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@13393 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE-2009-3555 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE-2009-3555 b/data/CVE-2009-3555 index f2573c1bda..d70c6ccbe2 100644 --- a/data/CVE-2009-3555 +++ b/data/CVE-2009-3555 @@ -25,8 +25,8 @@ Applications, which have been modified: - proftpd-dfsg -> Disabled SSL/TLS renegotiations in 1.3.2b-2 in unstable - apache2 -> Disabled client-initiated SSL/TLS renegs in 2.2.14-2, only partial fix, also issued as DSA 1934 for stable - tomcat-native -> 1.1.18-1 +- nginx: disabled renegotiation in 0.7.64-1 + patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt Candidates for modification: -- nginx: disables renegotiation in 0.7.64, bug #557873, - patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt - libapache-mod-ssl (oldstable only) bug #556942, no patch yet |