nix-super/blacklisting/blacklist.xml

69 lines
1.5 KiB
XML
Raw Normal View History

2005-03-02 17:57:35 +02:00
<blacklist>
2005-03-07 16:54:52 +02:00
2005-03-02 17:57:35 +02:00
<item id='openssl-0.9.7d-obsolete'>
<condition>
<within>
<traverse><true /></traverse>
<hasAttr name='outputHash' value='1b49e90fc8a75c3a507c0a624529aca5' />
</within>
2005-03-02 17:57:35 +02:00
</condition>
<reason>
Race condition in CRL checking code. Upgrade to 0.9.7e.
</reason>
<severity class="all" level="low" />
</item>
2005-03-07 16:54:52 +02:00
<item id='zlib-1.2.1-security' type='security'>
2005-03-02 17:57:35 +02:00
<condition>
<within>
2005-03-07 16:54:52 +02:00
<traverse>
<not><hasAttr name='outputHash' value='.+' /></not>
2005-03-07 16:54:52 +02:00
</traverse>
<hasAttr name='outputHash' value='ef1cb003448b4a53517b8f25adb12452' />
</within>
2005-03-02 17:57:35 +02:00
</condition>
<reason>
Zlib 1.2.1 is vulnerable to a denial-of-service condition. See
http://www.kb.cert.org/vuls/id/238678. Upgrade to 1.2.2.
</reason>
<severity class="server" level="critical" />
<severity class="client" level="medium" />
</item>
2005-03-07 16:54:52 +02:00
<!--
2005-03-02 17:57:35 +02:00
<item id='libpng-1.2.7-crash'>
<condition>
<containsName name="libpng" comparison="lte" version="1.2.7" />
</condition>
<reason>
libpng 1.2.7 is vulnerable to a crash bug. See
http://www.libpng.org/pub/png/libpng.html. Upgrade to 1.2.8.
</reason>
<severity class="client" level="low" />
</item>
2005-03-07 16:54:52 +02:00
-->
<!--
<item id='subversion-without-zlib' type='improvement'>
<condition>
<withinOutputClosure>
<not>
<containsName name='zlib' />
</not>
</withinOutputClosure>
</condition>
2005-03-02 17:57:35 +02:00
2005-03-07 16:54:52 +02:00
<reason>
Subversion can be compiled with Zlib compression support, which is a good thing.
</reason>
</item>
-->
2005-03-02 17:57:35 +02:00
</blacklist>