Author: sf Date: 2010-01-13 18:58:11 +0000 (Wed, 13 Jan 2010) New Revision: 13802 Modified: data/CVE/list Log: new openssl issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-13 18:48:55 UTC (rev 13801) +++ data/CVE/list 2010-01-13 18:58:11 UTC (rev 13802) @@ -989,8 +989,11 @@ NOT-FOR-US: IBM Rational ClearQuest CVE-2009-4356 (Multiple integer overflows in the jpeg.w5s and png.w5s filters in ...) NOT-FOR-US: Winamp -CVE-2009-4355 +CVE-2009-4355 [openssl/mod_ssl/php-curl memory leak] RESERVED + - openssl <unfixed> (low) + [etch] - openssl <not-affected> (affects only 0.9.8f and later) + NOTE: apache2 packages in squeeze/sid do not seem to allow exploit CVE-2009-4354 (TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not ...) NOT-FOR-US: TransWARE Active CVE-2009-4353 (The Mobile Edition of TransWARE Active! mail 2003 build 2003.0139.0871 ...)