Author: geissert Date: 2011-09-14 01:35:33 +0000 (Wed, 14 Sep 2011) New Revision: 17236 Modified: data/CVE/list Log: openssl''s CVE-2008-7270 was already fixed in lenny Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-14 00:03:48 UTC (rev 17235) +++ data/CVE/list 2011-09-14 01:35:33 UTC (rev 17236) @@ -10422,6 +10422,9 @@ NOT-FOR-US: Apache archiva CVE-2008-7270 (OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ...) - openssl 0.9.8k-1 + [lenny] - openssl 0.9.8g-15+lenny11 + NOTE: lenny was fixed as a side effect of the fix of CVE-2010-4180 + NOTE: which disabled the bug compatibility code CVE-2010-4334 (IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, ...) - libio-socket-ssl-perl 1.35-1 (bug #606058) [squeeze] - libio-socket-ssl-perl 1.33-1+squeeze1