[Secure-testing-commits] r23286 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Sun Aug 11 21:14:26 UTC 2013
Author: joeyh
Date: 2013-08-11 21:14:25 +0000 (Sun, 11 Aug 2013)
New Revision: 23286
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-11 19:13:30 UTC (rev 23285)
+++ data/CVE/list 2013-08-11 21:14:25 UTC (rev 23286)
@@ -529,6 +529,7 @@
RESERVED
CVE-2013-4852 [PuTTY SSH handshake heap overflow]
RESERVED
+ {DSA-2736-1}
- putty 0.63-1 (bug #718779)
- filezilla <unfixed> (bug #718800)
NOTE: http://www.securityfocus.com/archive/1/527763/30/0
@@ -1939,16 +1940,19 @@
RESERVED
CVE-2013-4208 [Private keys left in memory after being used by PuTTY tools]
RESERVED
+ {DSA-2736-1}
- putty 0.63-1
- filezilla <unfixed> (bug #719070)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html
CVE-2013-4207 [non-coprime values in DSA signatures can cause buffer overflow in modular inverse]
RESERVED
+ {DSA-2736-1}
- putty 0.63-1
- filezilla <unfixed> (bug #719070)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html
CVE-2013-4206 [buffer underrun in modmul can corrupt the heap]
RESERVED
+ {DSA-2736-1}
- putty 0.63-1
- filezilla <unfixed> (bug #719070)
NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
More information about the Secure-testing-commits
mailing list