diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-18 21:15:36 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-18 21:15:36 +0100 |
commit | 86b760ff1dbbb751edcb34830eaf49734e72d7e4 (patch) | |
tree | 48a3a908b5db116636444b040794486b79810cf7 /data/CVE/list.2009 | |
parent | 6de5b9522355ea84e97683399d867cf6a75bda8b (diff) |
Remove notes for CVE-2009-5146
Apparently the CVE was withdrawn by its CNA (Mitre or OpenSSL?) because
further investigation showed that it was not a security issue. This is
not entirely clear, because in the first place back then it was assigned
in https://www.openwall.com/lists/oss-security/2015/03/16/7 .
But given MITRE beeing the assigner and now withrawn it follow this
without raising the question to MITRE.
Diffstat (limited to 'data/CVE/list.2009')
-rw-r--r-- | data/CVE/list.2009 | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/data/CVE/list.2009 b/data/CVE/list.2009 index d56eb7dc9b..16452a558e 100644 --- a/data/CVE/list.2009 +++ b/data/CVE/list.2009 @@ -52,12 +52,8 @@ CVE-2009-5147 (DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchle NOTE: In https://github.com/ruby/ruby/commit/07308c4d30b8c5260e5366c8eed2abf054d86fe7 NOTE: Discussion http://seclists.org/oss-sec/2015/q3/220 NOTE: DL has been replaced in 2.2 with Fiddle which has the same problem according to maintainer. -CVE-2009-5146 [memory leak in hostname TLS extension] +CVE-2009-5146 REJECTED - - openssl 0.9.8k-1 - NOTE: Fixed by: https://github.com/openssl/openssl/commit/7587347bc48e7e8a1e800e48bb0a658f1557c424 (OpenSSL_0_9_8k) - NOTE: Introduced by: https://github.com/openssl/openssl/commit/865a90eb4f0b0e3abbdd9dc2d3a4d57595575315 (OpenSSL_0_9_8f) - NOTE: http://www.openwall.com/lists/oss-security/2015/03/16/4 CVE-2009-5145 (Cross-site scripting (XSS) vulnerability in ZMI pages that use the man ...) - zope2.12 2.12.10-1 CVE-2009-5144 (mod-gnutls does not validate client certificates when "GnuTLSClientVer ...) |