[Secure-testing-commits] r14804 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Fri Jun 4 22:02:47 UTC 2010
Author: jmm-guest
Date: 2010-06-04 22:02:46 +0000 (Fri, 04 Jun 2010)
New Revision: 14804
Modified:
data/CVE/list
Log:
new openssl issues not affecting Lenny
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-04 21:55:26 UTC (rev 14803)
+++ data/CVE/list 2010-06-04 22:02:46 UTC (rev 14804)
@@ -1233,7 +1233,8 @@
CVE-2010-1634 (Multiple integer overflows in audioop.c in the audioop module in ...)
TODO: check
CVE-2010-1633 (RSA verification recovery in the EVP_PKEY_verify_recover function in ...)
- TODO: check
+ - openssl <unfixed> (bug filed)
+ [lenny] - openssl <not-affected> (This bug is only present in OpenSSL 1.0.0)
CVE-2010-1632
RESERVED
CVE-2010-1631
@@ -3803,7 +3804,8 @@
- iscsitarget 0.4.17+svn229-1.4 (medium; bug #574935)
- tgt 1:1.0.3-2 (medium; bug #576086)
CVE-2010-0742 (The Cryptographic Message Syntax (CMS) implementation in ...)
- TODO: check
+ - openssl <unfixed> (bug filed)
+ [lenny] - openssl <not-affected> (CMS is only present in OpenSSL 0.9.8h and later)
CVE-2010-0741 (The virtio_net_bad_features function in hw/virtio-net.c in the ...)
- linux-2.6 2.6.26-1
CVE-2010-0740 (The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ...)
More information about the Secure-testing-commits
mailing list