Author: corsac
Date: 2012-06-25 16:16:20 +0000 (Mon, 25 Jun 2012)
New Revision: 19590
Modified:
data/CVE/list
Log:
add python info for CVE-2011-3389
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-06-25 11:39:43 UTC (rev 19589)
+++ data/CVE/list 2012-06-25 16:16:20 UTC (rev 19590)
@@ -14129,7 +14129,6 @@
CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft
...)
{DSA-2398-1 DSA-2368-1 DSA-2358-1 DSA-2356-1}
- sun-java6 <removed> (bug #645881)
- - lighttpd 1.4.30-1
[lenny] - sun-java6 <no-dsa> (Non-free not supported)
[squeeze] - sun-java6 <no-dsa> (Non-free not supported)
- openjdk-6 6b23~pre11-1
@@ -14138,9 +14137,16 @@
NOTE:
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
- chromium-browser <unfixed>
- webkit <unfixed>
+ - lighttpd 1.4.30-1
NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a
workaround
- curl 7.24.0-1
NOTE: http://curl.haxx.se/docs/adv_20120124B.html
+ - python2.6 2.6.8-0.1
+ - python2.7 2.7.3~rc1-1
+ - python3.1 <unfixed> (bug #678998)
+ - python3.2 3.2.3~rc1-1
+ NOTE: http://bugs.python.org/issue13885
+ NOTE: python3.1 is fixed starting 3.1.5
CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure
site ...)
NOT-FOR-US: Opera
CVE-2011-3387 (The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote
...)