[Secure-testing-commits] r23231 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Wed Aug 7 18:45:30 UTC 2013
Author: carnil
Date: 2013-08-07 18:45:30 +0000 (Wed, 07 Aug 2013)
New Revision: 23231
Modified:
data/CVE/list
Log:
add reference for CVE-2013-4207
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-07 18:44:24 UTC (rev 23230)
+++ data/CVE/list 2013-08-07 18:45:30 UTC (rev 23231)
@@ -1796,10 +1796,11 @@
- putty 0.63-1
- filezilla <unfixed>
TODO: check filezilla
-CVE-2013-4207
+CVE-2013-4207 [non-coprime values in DSA signatures can cause buffer overflow in modular inverse]
RESERVED
- putty 0.63-1
- filezilla <unfixed>
+ NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html
TODO: check filezilla
CVE-2013-4206 [buffer underrun in modmul can corrupt the heap]
RESERVED
More information about the Secure-testing-commits
mailing list