[Secure-testing-commits] r11869 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon May 11 01:01:39 UTC 2009
Author: gilbert-guest
Date: 2009-05-11 01:01:39 +0000 (Mon, 11 May 2009)
New Revision: 11869
Modified:
data/CVE/list
Log:
etch/lenny not-affected by opensc issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-10 21:14:13 UTC (rev 11868)
+++ data/CVE/list 2009-05-11 01:01:39 UTC (rev 11869)
@@ -37,6 +37,9 @@
- system-tools-backends <unfixed> (low; bug #527952)
CVE-2009-XXXX [opensc: insecure due to wrong public exponent]
- opensc 0.11.8 (high; bug #527640)
+ [etch] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
+ [lenny] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
+ NOTE: checked code, public exponent set correctly in etch/lenny versions (CK_BYTE publicExponent[] = { 3 };)
CVE-2009-1581
RESERVED
CVE-2009-1580
More information about the Secure-testing-commits
mailing list