diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-18 21:15:36 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-18 21:15:36 +0100 |
| commit | 1eeb4a2bb1ab2175e4eca42b8823f9e11e209354 (patch) | |
| tree | 713a0c278c8e7cd2775b388251c1a0d6433a8c7b /data/CVE/2009.list | |
| parent | dddc605831b1e59b08a12443e3c382a7d8261a36 (diff) | |
Remove notes for CVE-2009-5146
Apparently the CVE was withdrawn by its CNA (Mitre or OpenSSL?) because
further investigation showed that it was not a security issue. This is
not entirely clear, because in the first place back then it was assigned
in https://www.openwall.com/lists/oss-security/2015/03/16/7 .
But given MITRE beeing the assigner and now withrawn it follow this
without raising the question to MITRE.
Diffstat (limited to 'data/CVE/2009.list')
| -rw-r--r-- | data/CVE/2009.list | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/data/CVE/2009.list b/data/CVE/2009.list index d56eb7dc9b..16452a558e 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -52,12 +52,8 @@ CVE-2009-5147 (DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchle NOTE: In https://github.com/ruby/ruby/commit/07308c4d30b8c5260e5366c8eed2abf054d86fe7 NOTE: Discussion http://seclists.org/oss-sec/2015/q3/220 NOTE: DL has been replaced in 2.2 with Fiddle which has the same problem according to maintainer. -CVE-2009-5146 [memory leak in hostname TLS extension] +CVE-2009-5146 REJECTED - - openssl 0.9.8k-1 - NOTE: Fixed by: https://github.com/openssl/openssl/commit/7587347bc48e7e8a1e800e48bb0a658f1557c424 (OpenSSL_0_9_8k) - NOTE: Introduced by: https://github.com/openssl/openssl/commit/865a90eb4f0b0e3abbdd9dc2d3a4d57595575315 (OpenSSL_0_9_8f) - NOTE: http://www.openwall.com/lists/oss-security/2015/03/16/4 CVE-2009-5145 (Cross-site scripting (XSS) vulnerability in ZMI pages that use the man ...) - zope2.12 2.12.10-1 CVE-2009-5144 (mod-gnutls does not validate client certificates when "GnuTLSClientVer ...) |