[Secure-testing-commits] r36094 - data/CVE

Salvatore Bonaccorso Sat, 15 Aug 2015 23:18:46 -0700

Author: carnil
Date: 2015-08-16 06:18:30 +0000 (Sun, 16 Aug 2015)
New Revision: 36094


Modified:
   data/CVE/list
Log:
libapache2-mod-nss: 1.0.11 entered unstbable introducing CVE-2015-3277

Note for reviewers; ommited the [stretch] tag since there is no upstream
commit yet for CVE-2015-3277 so libapache2-mod-nss might migrate to
testing (unless increased severity to RC) and giving later wrong
information unles tracker updated again. But we could go both ways.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-08-16 05:53:28 UTC (rev 36093)
+++ data/CVE/list       2015-08-16 06:18:30 UTC (rev 36094)
@@ -7132,7 +7132,9 @@
        NOT-FOR-US: nss_compat_ossl (OpenSSL to NSS Porting Library)
 CVE-2015-3277 [incorrect multi-keyword mode cipherstring parsing]
        RESERVED
-       - libapache2-mod-nss <not-affected> (Vulnerability introduced in 1.0.11)
+       - libapache2-mod-nss <unfixed> (bug #795657)
+       [jessie] - libapache2-mod-nss <not-affected> (Vulnerability introduced 
in 1.0.11)
+       [wheezy] - libapache2-mod-nss <not-affected> (Vulnerability introduced 
in 1.0.11)
        NOTE: Introduced by 
https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8
 (1.10.11)
 CVE-2015-3276 [incorrect multi-keyword mode cipherstring parsing]
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r36094 - data/CVE

Reply via email to