Author: thijs Date: 2012-03-24 08:11:10 +0000 (Sat, 24 Mar 2012) New Revision: 18749 Modified: data/CVE/list Log: note Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-03-23 21:14:36 UTC (rev 18748) +++ data/CVE/list 2012-03-24 08:11:10 UTC (rev 18749) @@ -2264,6 +2264,7 @@ NOTE: http://code.google.com/p/simplesamlphp/issues/detail?id=468 CVE-2012-0884 (The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 ...) - openssl 1.0.0h-1 (low) + NOTE: "If a Linux distribution picks up the fix for CVE-2012-0884 then they will want to pick up change 22161 at the same time" -- http://www.openwall.com/lists/oss-security/2012/03/23/12 CVE-2012-0883 [apache httpd insecure LD_LIBRARY_PATH] RESERVED - apache2 <not-affected> (LD_LIBRARY_PATH not set in debian package)