[Secure-testing-commits] r31195 - data/CVE

Salvatore Bonaccorso Thu, 08 Jan 2015 03:31:50 -0800

Author: carnil
Date: 2015-01-08 11:31:21 +0000 (Thu, 08 Jan 2015)
New Revision: 31195


Modified:
   data/CVE/list
Log:
Update curl entries

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-01-08 11:27:37 UTC (rev 31194)
+++ data/CVE/list       2015-01-08 11:31:21 UTC (rev 31195)
@@ -4873,11 +4873,15 @@
        RESERVED
 CVE-2014-8152
        RESERVED
-CVE-2014-8151
+CVE-2014-8151 [libcurl/darwinssl certificate check bypass]
        RESERVED
-CVE-2014-8150
+       - curl <unfixed> (unimportant)
+       NOTE: only relevant when building with darwinssl
+       NOTE: http://curl.haxx.se/docs/adv_20150108A.html
+CVE-2014-8150 [URL request injection]
        RESERVED
        - curl 7.38.0-4
+       NOTE: http://curl.haxx.se/docs/adv_20150108B.html
 CVE-2014-8149
        RESERVED
 CVE-2014-8148 [midgard-core configures D-Bus system bus to be insecure]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r31195 - data/CVE

Reply via email to