Author: stef-guest
Date: 2005-08-24 21:46:16 +0000 (Wed, 24 Aug 2005)
New Revision: 1640
Modified:
data/CAN/list
Log:
update CAN-2005-1268/apache
Modified: data/CAN/list
===================================================================
--- data/CAN/list 2005-08-24 21:14:18 UTC (rev 1639)
+++ data/CAN/list 2005-08-24 21:46:16 UTC (rev 1640)
@@ -6068,7 +6068,9 @@
CAN-2005-1268 (Off-by-one error in the mod_ssl Certificate Revocation List
(CRL) ...)
NOTE: This is from latest Trustix advisory, exploitation would require
to trick
NOTE: someone into using a maliciously crafted certificate revocation
list
+ TODO: check libapache-mod-ssl: AFAIK it is not affected, file bug if it
is
- libapache-mod-ssl (unfixed; low)
+ - apache2 (unfixed; bug #320048; low)
CAN-2005-1267 (The bgp_update_print function in tcpdump 3.x does not properly
handle ...)
- tcpdump 3.9.0.cvs.20050614-1 (medium)
CAN-2005-1266 (Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote
attackers to ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
