[Secure-testing-commits] r35103 - data/CVE

Salvatore Bonaccorso Mon, 22 Jun 2015 11:41:15 -0700

Author: carnil
Date: 2015-06-22 18:40:01 +0000 (Mon, 22 Jun 2015)
New Revision: 35103


Modified:
   data/CVE/list
Log:
Mark freeradius issues as no-dsa

Rationale: The recommended configuration is to use self-signed CAs for
EAP-TLS methods. See raddb/certs/README

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-06-22 18:22:11 UTC (rev 35102)
+++ data/CVE/list       2015-06-22 18:40:01 UTC (rev 35103)
@@ -7,8 +7,11 @@
        - libwmf <unfixed> (bug #784205)
 CVE-2015-4680 [insufficent CRL application]
        - freeradius <unfixed>
+       [jessie] - freeradius <no-dsa> (Minor issue)
+       [wheezy] - freeradius <no-dsa> (Minor issue)
+       NOTE: Recommended configuration is to use self-signed CAs for EAP-TLS 
methods.
+       NOTE: See raddb/certs/README
        NOTE: http://www.ocert.org/advisories/ocert-2015-008.html
-       TODO: check
 CVE-2015-4674
        RESERVED
 CVE-2015-4673


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r35103 - data/CVE

Reply via email to