[web] master update

Mark J. Cox mark at openssl.org
Wed Apr 28 13:09:17 UTC 2021 

The branch master has been updated
       via  4fab73cc1edf551a6ade144dfcae1223fa2aa120 (commit)
       via  a56110d2a6791f92040bcd9ba6239a86916024ac (commit)
       via  6cea194f8dacf63ea52758c8e2a7bc2452918ca7 (commit)
      from  be9a59e85c1be6992ed7f61737bcf630d6cad0f6 (commit)


- Log -----------------------------------------------------------------
commit 4fab73cc1edf551a6ade144dfcae1223fa2aa120
Merge: be9a59e a56110d
Author: Mark J. Cox <mark at openssl.org>
Date:   Wed Apr 28 14:07:16 2021 +0100

    Merge pull request #237 from iamamoose/fixrt
    
    Fix security advisory links to rt.openssl.org

commit a56110d2a6791f92040bcd9ba6239a86916024ac
Author: Mark J. Cox <mark at awe.com>
Date:   Wed Apr 28 13:54:47 2021 +0100

    Remember we're in XML so escape &

commit 6cea194f8dacf63ea52758c8e2a7bc2452918ca7
Author: Mark J. Cox <mark at awe.com>
Date:   Wed Apr 28 13:52:47 2021 +0100

    We have some old links to rt.openssl.org as advisories, just link those to the archive version for
    now, we could dump these to txt files later

-----------------------------------------------------------------------

Summary of changes:
 news/vulnerabilities.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index c1b47e2..ba187fd 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -6391,7 +6391,7 @@ Implement RFC5746 to address vulnerabilities in SSL/TLS renegotiation.
 
   <issue public="20090205">
     <cve name="2009-1387"/>
-    <advisory url="https://rt.openssl.org/Ticket/Display.html?id=1838&user=guest&pass=guest"/>
+    <advisory url="https://web.archive.org/web/20100710092848/https://rt.openssl.org/Ticket/Display.html?id=1838"/>
     <affects base="0.9.8" version="0.9.8"/>
     <affects base="0.9.8" version="0.9.8a"/>
     <affects base="0.9.8" version="0.9.8b"/>
@@ -6415,7 +6415,7 @@ remote attacker could use this flaw to cause a DTLS server to crash.
 
   <issue public="20090512">
     <cve name="2009-1377"/>
-    <advisory url="https://rt.openssl.org/Ticket/Display.html?id=1930&user=guest&pass=guest"/>    
+    <advisory url="https://web.archive.org/web/20120306065500/http://rt.openssl.org/Ticket/Display.html?id=1930&user=guest&pass=guest"/>
     <affects base="0.9.8" version="0.9.8"/>
     <affects base="0.9.8" version="0.9.8a"/>
     <affects base="0.9.8" version="0.9.8b"/>
@@ -6445,7 +6445,7 @@ memory left.
 
     <issue public="20090512">
     <cve name="2009-1378"/>
-    <advisory url="https://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest"/>    
+    <advisory url="https://web.archive.org/web/20101120211136/http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest"/>
     <affects base="0.9.8" version="0.9.8"/>
     <affects base="0.9.8" version="0.9.8a"/>
     <affects base="0.9.8" version="0.9.8b"/>
@@ -6475,7 +6475,7 @@ left.
 
   <issue public="20090512">
     <cve name="2009-1379"/>
-    <advisory url="https://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest"/>        
+    <advisory url="https://web.archive.org/web/20100824233642/http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest"/>
     <affects base="0.9.8" version="0.9.8"/>
     <affects base="0.9.8" version="0.9.8a"/>
     <affects base="0.9.8" version="0.9.8b"/>

More information about the openssl-commits mailing list