Author: sf Date: 2014-07-23 21:46:26 +0000 (Wed, 23 Jul 2014) New Revision: 27927
Modified: data/CVE/list Log: CVE-2013-4352 does not affect squeeze/wheezy It only affects 2.4.[56]. Since 2.4.5 was never released, the security info on the apache web page is actually correct. Modified: data/CVE/list =================================================================== --- data/CVE/list 2014-07-23 21:14:13 UTC (rev 27926) +++ data/CVE/list 2014-07-23 21:46:26 UTC (rev 27927) @@ -20287,8 +20287,8 @@ [squeeze] - openssl <not-affected> (Only affects 1.0.1 to 1.0.1e) CVE-2013-4352 (The cache_invalidate function in modules/cache/cache_storage.c in the ...) - apache2 2.4.7-1 (low) - NOTE: According to http://httpd.apache.org/security/vulnerabilities_24.html this should only affect - NOTE: 2.4.6, but that seems wrong, since 2.4.6 was a single-change regression update + [wheezy] - apache2 <not-affected> (Only affects 2.4.[56]) + [squeeze] - apache2 <not-affected> (Only affects 2.4.[56]) CVE-2013-4351 (GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all ...) {DSA-2774-1 DSA-2773-1} - gnupg 1.4.15-1 (low; bug #722722) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits