[Secure-testing-commits] r24807 - in data: CVE DSA

[Thijs Kinkhorst]

Author: thijs
Date: 2013-12-18 14:56:11 +0000 (Wed, 18 Dec 2013)
New Revision: 24807

Modified:
   data/CVE/list
   data/DSA/list
Log:
DSA-2821-1 gnupg - side channel attack


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-12-18 13:23:02 UTC (rev 24806)
+++ data/CVE/list	2013-12-18 14:56:11 UTC (rev 24807)
@@ -6778,8 +6778,9 @@
 	RESERVED
 	- grub2 2.00-20 (unimportant; bug #632598)
 	NOTE: Additional hardening for rare setups, not a vulnerability
-CVE-2013-4576
+CVE-2013-4576 [RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack]
 	RESERVED
+	- gnupg 1.4.15-2
 CVE-2013-4575 (Heap-based buffer overflow in the utility program in the Linux agent ...)
 	NOT-FOR-US: Symantec Backup Exec
 CVE-2013-4574

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2013-12-18 13:23:02 UTC (rev 24806)
+++ data/DSA/list	2013-12-18 14:56:11 UTC (rev 24807)
@@ -1,3 +1,7 @@
+[18 Dec 2013] DSA-2821-1 gnupg - side channel attack
+	{CVE-2013-4576}
+	[squeeze] - gnupg 1.4.10-4+squeeze4
+	[wheezy] - gnupg 1.4.12-7+deb7u3
 [17 Dec 2013] DSA-2820-1 nspr - integer overflow
 	{CVE-2013-5607}
 	[squeeze] - nspr 4.8.6-1+squeeze1