[Secure-testing-commits] r26323 - data/CVE

Salvatore Bonaccorso Fri, 28 Mar 2014 12:25:08 -0700

Author: carnil
Date: 2014-03-28 19:24:33 +0000 (Fri, 28 Mar 2014)
New Revision: 26323


Modified:
   data/CVE/list
Log:
Mark CVE-2014-0083/ruby-net-ldap as not-affected

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-03-28 19:13:34 UTC (rev 26322)
+++ data/CVE/list       2014-03-28 19:24:33 UTC (rev 26323)
@@ -6810,7 +6810,8 @@
        RESERVED
 CVE-2014-0083 [SHA passwords generated by the net-ldap Ruby gem use a weak 
salt]
        RESERVED
-       - ruby-net-ldap <unfixed> (bug #742706)
+       - ruby-net-ldap <not-affected> (SSHA support not present)
+       NOTE: SSHA support only from version v0.5.0, see #742706
 CVE-2014-0082 (actionpack/lib/action_view/template/text.rb in Action View in 
Ruby on ...)
        - rails-4.0 <not-affected> (only 3.2.x and earlier)
        - rails-3.2 3.2.17-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r26323 - data/CVE

Reply via email to