Author: carnil Date: 2016-11-11 18:29:33 +0000 (Fri, 11 Nov 2016) New Revision: 46128
Modified: data/CVE/list Log: Mark CVE-2016-5117 as unimportant Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-11-11 17:58:22 UTC (rev 46127) +++ data/CVE/list 2016-11-11 18:29:33 UTC (rev 46128) @@ -14463,11 +14463,12 @@ NOTE: http://support.ntp.org/bin/view/Main/NtpBug3045 CVE-2016-5117 [OpenNTPD not verifying CN during HTTPS constraints request] RESERVED - - openntpd <unfixed> (bug #825856) + - openntpd <unfixed> (bug #825856; unimportant) [jessie] - openntpd <not-affected> (Vulnerable code introduced later) [wheezy] - openntpd <not-affected> (Vulnerable code introduced later) NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2 NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4 + NOTE: Option is not enabled at buildtime. CVE-2016-4964 [scsi: mptsas infinite loop in mptsas_fetch_requests] RESERVED - qemu 1:2.6+dfsg-2 (bug #825207) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits