[Secure-testing-commits] r13802 - data/CVE

Stefan Fritsch Wed, 13 Jan 2010 10:58:54 -0800

Author: sf
Date: 2010-01-13 18:58:11 +0000 (Wed, 13 Jan 2010)
New Revision: 13802


Modified:
   data/CVE/list
Log:
new openssl issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-01-13 18:48:55 UTC (rev 13801)
+++ data/CVE/list       2010-01-13 18:58:11 UTC (rev 13802)
@@ -989,8 +989,11 @@
        NOT-FOR-US: IBM Rational ClearQuest
 CVE-2009-4356 (Multiple integer overflows in the jpeg.w5s and png.w5s filters 
in ...)
        NOT-FOR-US: Winamp
-CVE-2009-4355
+CVE-2009-4355 [openssl/mod_ssl/php-curl memory leak]
        RESERVED
+       - openssl <unfixed> (low)
+       [etch] - openssl <not-affected> (affects only 0.9.8f and later)
+       NOTE: apache2 packages in squeeze/sid do not seem to allow exploit
 CVE-2009-4354 (TransWARE Active! mail 2003 build 2003.0139.0871 and earlier 
does not ...)
        NOT-FOR-US: TransWARE Active
 CVE-2009-4353 (The Mobile Edition of TransWARE Active! mail 2003 build 
2003.0139.0871 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r13802 - data/CVE

Reply via email to