Author: sf
Date: 2014-07-23 21:46:26 +0000 (Wed, 23 Jul 2014)
New Revision: 27927
Modified:
data/CVE/list
Log:
CVE-2013-4352 does not affect squeeze/wheezy
It only affects 2.4.[56]. Since 2.4.5 was never released, the security info on
the apache web page is actually correct.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-23 21:14:13 UTC (rev 27926)
+++ data/CVE/list 2014-07-23 21:46:26 UTC (rev 27927)
@@ -20287,8 +20287,8 @@
[squeeze] - openssl <not-affected> (Only affects 1.0.1 to 1.0.1e)
CVE-2013-4352 (The cache_invalidate function in modules/cache/cache_storage.c
in the ...)
- apache2 2.4.7-1 (low)
- NOTE: According to
http://httpd.apache.org/security/vulnerabilities_24.html this should only
affect
- NOTE: 2.4.6, but that seems wrong, since 2.4.6 was a single-change
regression update
+ [wheezy] - apache2 <not-affected> (Only affects 2.4.[56])
+ [squeeze] - apache2 <not-affected> (Only affects 2.4.[56])
CVE-2013-4351 (GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with
all ...)
{DSA-2774-1 DSA-2773-1}
- gnupg 1.4.15-1 (low; bug #722722)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
