[Secure-testing-commits] r24089 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Mon Oct 21 04:40:05 UTC 2013
Author: carnil
Date: 2013-10-21 04:40:05 +0000 (Mon, 21 Oct 2013)
New Revision: 24089
Modified:
data/CVE/list
Log:
Two dropbear issues fixed, CVE-2013-4434 and CVE-2013-4421
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-10-21 04:06:29 UTC (rev 24088)
+++ data/CVE/list 2013-10-21 04:40:05 UTC (rev 24089)
@@ -3759,7 +3759,7 @@
- salt <unfixed> (bug #726480)
CVE-2013-4434 [dropbear: avoid disclosing existence of valid users through inconsistent delays]
RESERVED
- - dropbear <unfixed> (low; bug #726118)
+ - dropbear 2012.55-1.4 (low; bug #726118)
[squeeze] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <no-dsa> (Minor issue)
CVE-2013-4433 [xhprof: unspecified XSS]
@@ -3805,7 +3805,7 @@
- quassel <not-affected> (Postgres support not enabled in Debian, see #552374)
CVE-2013-4421 [memory exhaustion denial of service]
RESERVED
- - dropbear <unfixed> (low; bug #726019)
+ - dropbear 2012.55-1.4 (low; bug #726019)
[squeeze] - dropbear <no-dsa> (Minor issue)
[wheezy] - dropbear <no-dsa> (Minor issue)
NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
More information about the Secure-testing-commits
mailing list