[Secure-testing-commits] r46128 - data/CVE

Salvatore Bonaccorso Fri, 11 Nov 2016 10:30:58 -0800

Author: carnil
Date: 2016-11-11 18:29:33 +0000 (Fri, 11 Nov 2016)
New Revision: 46128


Modified:
   data/CVE/list
Log:
Mark CVE-2016-5117 as unimportant

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-11-11 17:58:22 UTC (rev 46127)
+++ data/CVE/list       2016-11-11 18:29:33 UTC (rev 46128)
@@ -14463,11 +14463,12 @@
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3045
 CVE-2016-5117 [OpenNTPD not verifying CN during HTTPS constraints request]
        RESERVED
-       - openntpd <unfixed> (bug #825856)
+       - openntpd <unfixed> (bug #825856; unimportant)
        [jessie] - openntpd <not-affected> (Vulnerable code introduced later)
        [wheezy] - openntpd <not-affected> (Vulnerable code introduced later)
        NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2
        NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 
5.7p4
+       NOTE: Option is not enabled at buildtime.
 CVE-2016-4964 [scsi: mptsas infinite loop in mptsas_fetch_requests]
        RESERVED
        - qemu 1:2.6+dfsg-2 (bug #825207)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r46128 - data/CVE

Reply via email to