[Secure-testing-commits] r30200 - data/CVE

Moritz Muehlenhoff Thu, 20 Nov 2014 15:19:34 -0800

Author: jmm
Date: 2014-11-20 23:19:09 +0000 (Thu, 20 Nov 2014)
New Revision: 30200


Modified:
   data/CVE/list
Log:
kdeplasma-addons no-dsa for jessie
mark gnutls/beast as unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-11-20 21:26:28 UTC (rev 30199)
+++ data/CVE/list       2014-11-20 23:19:09 UTC (rev 30200)
@@ -36687,6 +36687,7 @@
 CVE-2013-2120 [weak generated passwords]
        RESERVED
        - kdeplasma-addons <unfixed> (low; bug #710497)
+       [jessie] - kdeplasma-addons <no-dsa> (Minor issue)
        [wheezy] - kdeplasma-addons <no-dsa> (Minor issue)
        [squeeze] - kdeplasma-addons <no-dsa> (Minor issue)
        NOTE: Original fix 
https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce
 not sufficient
@@ -64844,9 +64845,9 @@
        NOTE: http://bugs.python.org/issue13885
        NOTE: python3.1 is fixed starting 3.1.5
        - cyassl <unfixed>
-       - gnutls26 <unfixed>
-       - gnutls28 <unfixed>
-       NOTE: gnutls recommends to use TLS 1.1 or 1.2.  There doesn't seem to 
be a fix for TLS 1.0.
+       - gnutls26 <unfixed> (unimportant)
+       - gnutls28 <unfixed> (unimportant)
+       NOTE: No mitigation for gnutls, it is recommended to use TLS 1.1 or 1.2 
which is supported 2.0.0
        - haskell-tls <unfixed>
        - matrixssl <removed> (low)
        [squeeze] - matrixssl <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r30200 - data/CVE

Reply via email to