Author: jmm Date: 2014-11-20 23:19:09 +0000 (Thu, 20 Nov 2014) New Revision: 30200
Modified: data/CVE/list Log: kdeplasma-addons no-dsa for jessie mark gnutls/beast as unimportant Modified: data/CVE/list =================================================================== --- data/CVE/list 2014-11-20 21:26:28 UTC (rev 30199) +++ data/CVE/list 2014-11-20 23:19:09 UTC (rev 30200) @@ -36687,6 +36687,7 @@ CVE-2013-2120 [weak generated passwords] RESERVED - kdeplasma-addons <unfixed> (low; bug #710497) + [jessie] - kdeplasma-addons <no-dsa> (Minor issue) [wheezy] - kdeplasma-addons <no-dsa> (Minor issue) [squeeze] - kdeplasma-addons <no-dsa> (Minor issue) NOTE: Original fix https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce not sufficient @@ -64844,9 +64845,9 @@ NOTE: http://bugs.python.org/issue13885 NOTE: python3.1 is fixed starting 3.1.5 - cyassl <unfixed> - - gnutls26 <unfixed> - - gnutls28 <unfixed> - NOTE: gnutls recommends to use TLS 1.1 or 1.2. There doesn't seem to be a fix for TLS 1.0. + - gnutls26 <unfixed> (unimportant) + - gnutls28 <unfixed> (unimportant) + NOTE: No mitigation for gnutls, it is recommended to use TLS 1.1 or 1.2 which is supported 2.0.0 - haskell-tls <unfixed> - matrixssl <removed> (low) [squeeze] - matrixssl <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits