[Secure-testing-commits] r3493 - data/CVE
Micah Anderson
micah at costa.debian.org
Wed Feb 15 17:21:59 UTC 2006
Author: micah
Date: 2006-02-15 17:21:54 +0000 (Wed, 15 Feb 2006)
New Revision: 3493
Modified:
data/CVE/list
Log:
Update on gnupg issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-15 16:20:52 UTC (rev 3492)
+++ data/CVE/list 2006-02-15 17:21:54 UTC (rev 3493)
@@ -578,8 +578,9 @@
RESERVED
CVE-2006-0455 [buggy return codes in gpg's sig verification code]
RESERVED
- - gnupg <unfixed>
- [woody] - gnupg <not-affected> (Only gpg 1.4.x are vulnerable)
+ - gnupg <unfixed> (bug #353017; medium)
+ NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html indicates that
+ NOTE: *all* versions are affected because gpg --verify is also affected
CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ...)
- linux-2.6 2.6.15-5
[sarge] - kernel-source-2.6.8 <not-affected>
More information about the Secure-testing-commits
mailing list