Use HTTPs for repo.or.cz git repository references

author: Salvatore Bonaccorso <carnil@debian.org> 2020-08-25 23:29:30 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-08-25 23:29:30 +0200
commit: 0ecc6b0693f0b4f5ff5dbe95b149e6249f2a2078 (patch)
tree: f6e12d8a658856d3b43c9f077025feb7501cc332
parent: 0c0a6649ef76bb388cfbcde88fb847c677699ee5 (diff)
5 files changed, 10 insertions, 10 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index f1cd3653b7..94227a60be 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -8312,7 +8312,7 @@ CVE-2011-2194 (Integer overflow in the XSPF playlist parser in VideoLAN VLC medi
 	{DSA-2257-1}
 	- vlc 1.1.10-1
 	[lenny] - vlc <not-affected> (Vulnerable code not present)
-	NOTE: http://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
+	NOTE: https://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
 CVE-2011-2190 (The generate_admin_password function in Cherokee before 1.2.99 uses ti ...)
 	- cherokee 1.0.14-1 (low; bug #647205)
 	[squeeze] - cherokee 1.0.8-5+squeeze1
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index ba6019364e..7bd51c2f37 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -66,7 +66,7 @@ CVE-2013-7464 (In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not
 	- zoneminder <not-affected> (Vulnerable code never in a embedded copy version for zoneminder)
 	- cacti <not-affected> (Vulnerable code never in any release inclusing embedded copy, i.e. pre 1.0.4)
 	NOTE: Issue is in embedded csrf-magic
-	NOTE: http://repo.or.cz/csrf-magic.git/commit/9d2537f70d58b16aeba89779aaf1573b8d618e11 (v1.0.4)
+	NOTE: https://repo.or.cz/csrf-magic.git/commit/9d2537f70d58b16aeba89779aaf1573b8d618e11 (v1.0.4)
 CVE-2013-7463 (The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use  ...)
 	NOT-FOR-US: aescrypt gem for Ruby
 CVE-2013-7462 (A directory traversal vulnerability in the web application in McAfee ( ...)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 3df4bff04f..556f1cb8a5 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -14533,7 +14533,7 @@ CVE-2016-6264 (Integer signedness error in libc/string/arm/memset.S in uClibc an
 	- uclibc-ng <itp> (bug #811275)
 	- uclibc <unfixed> (unimportant)
 	NOTE: Just for cross-compiling, not used for actual packages
-	NOTE: http://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed
+	NOTE: https://repo.or.cz/uclibc-ng.git/commit/e3848e3dd64a8d6437531488fe341354bc02eaed
 	NOTE: http://mailman.uclibc-ng.org/pipermail/devel/2016-July/001067.html
 	NOTE: Fixed in 1.0.16 of uClibc-ng
 CVE-2016-6263 (The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn be ...)
@@ -26449,13 +26449,13 @@ CVE-2016-2224 (The __decode_dotted function in libc/inet/resolv.c in uClibc-ng b
 	{DLA-561-1}
 	- uclibc <unfixed> (unimportant)
 	NOTE: Just for cross-compiling, not used for actual packages
-	NOTE: http://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac
+	NOTE: https://repo.or.cz/uclibc-ng.git/commit/d9c3a16dcab57d6b56225b9a67e9119cc9e2e4ac
 	NOTE: https://www.openwall.com/lists/oss-security/2016/02/05/2
 CVE-2016-2225 (The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng bef ...)
 	{DLA-561-1}
 	- uclibc <unfixed> (unimportant)
 	NOTE: Just for cross-compiling, not used for actual packages
-	NOTE: http://repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c
+	NOTE: https://repo.or.cz/uclibc-ng.git/commit/6932f2282ba0578d6ca2f21eead920d6b78bc93c
 	NOTE: https://www.openwall.com/lists/oss-security/2016/02/05/2
 CVE-2016-2216 (The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6  ...)
 	- nodejs 4.3.0~dfsg-1 (unimportant)
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 29ac6be719..cbc56b8001 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -3176,7 +3176,7 @@ CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
-	NOTE: http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
+	NOTE: https://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
 CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
 	- nasm 2.13.02-0.1
 	[stretch] - nasm <no-dsa> (Minor issue)
@@ -3200,7 +3200,7 @@ CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
-	NOTE: http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
+	NOTE: https://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
 CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_d ...)
 	- nasm 2.13.02-0.1
@@ -3219,7 +3219,7 @@ CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffe
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
-	NOTE: http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
+	NOTE: https://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
 CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over ...)
 	- nasm 2.13.02-0.1
@@ -3232,7 +3232,7 @@ CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown
 	[stretch] - nasm <no-dsa> (Minor issue)
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <no-dsa> (Minor issue)
-	NOTE: http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
+	NOTE: https://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
 CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservic ...)
 	NOT-FOR-US: Golden Frog VyprVPN
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 6ce455e61d..6b37ac66ce 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -32757,7 +32757,7 @@ CVE-2018-8881 (Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-
 	[jessie] - nasm <no-dsa> (Minor issue)
 	[wheezy] - nasm <ignored> (Minor issue)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392446
-	NOTE: http://repo.or.cz/nasm.git/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3 (nasm-2.13.02rc3)
+	NOTE: https://repo.or.cz/nasm.git/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3 (nasm-2.13.02rc3)
 CVE-2018-8880 (Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check ...)
 	NOT-FOR-US: Lutron Quantum BACnet Integration
 CVE-2018-8879 (Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS device ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-08-25 23:29:30 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-08-25 23:29:30 +0200
commit	0ecc6b0693f0b4f5ff5dbe95b149e6249f2a2078 (patch)
tree	f6e12d8a658856d3b43c9f077025feb7501cc332
parent	0c0a6649ef76bb388cfbcde88fb847c677699ee5 (diff)