Author: apo Date: 2017-10-31 23:22:43 +0000 (Tue, 31 Oct 2017) New Revision: 57188
Modified: data/CVE/list Log: CVE-2013-4366,httpcomponents-client: Wheezy is not affected The vulnerable code is not present in 4.1.x. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-31 23:07:08 UTC (rev 57187) +++ data/CVE/list 2017-10-31 23:22:43 UTC (rev 57188) @@ -135999,6 +135999,7 @@ NOT-FOR-US: ovirt CVE-2013-4366 (http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x ...) - httpcomponents-client 4.3.2-1 + [wheezy] - httpcomponents-client <not-affected> (vulnerable code not present) NOTE: http://svn.apache.org/r1528614 CVE-2013-4365 (Heap-based buffer overflow in the fcgid_header_bucket_read function in ...) {DSA-2778-1} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits