[Frugalware-git] homepage-ng: FSA643-libesmtp

Miklos Vajna Tue, 16 Mar 2010 12:49:16 -0700

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=4267e243b1207daf7f55ab620b638538fceece81


commit 4267e243b1207daf7f55ab620b638538fceece81
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Tue Mar 16 20:47:44 2010 +0100

FSA643-libesmtp

diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index ea91541..8c13d23 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,17 @@

<fsas>
<fsa>
+               <id>643</id>
+               <date>2010-03-16</date>
+               <author>Miklos Vajna</author>
+               <package>libesmtp</package>
+               <vulnerable>1.0.4-1</vulnerable>
+               <unaffected>1.0.4-2locris1</unaffected>
+               <bts>http://bugs.frugalware.org/task/4141</bts>
+               
<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408</cve>
+               <desc>libesmtp did not properly handle a '\0' character in a 
domain name in the subject's Common Name (CN) field of an X.509 certificate, 
which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a 
crafted certificate issued by a legitimate Certification Authority.</desc>
+       </fsa>
+       <fsa>
<id>642</id>
<date>2010-03-12</date>
<author>Miklos Vajna</author>
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

[Frugalware-git] homepage-ng: FSA643-libesmtp

Reply via email to