[Secure-testing-commits] r23650 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Fri Sep 13 05:05:47 UTC 2013
Author: carnil
Date: 2013-09-13 05:05:46 +0000 (Fri, 13 Sep 2013)
New Revision: 23650
Modified:
data/CVE/list
Log:
Add bugnumbers for python-oauth2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-13 04:56:47 UTC (rev 23649)
+++ data/CVE/list 2013-09-13 05:05:46 UTC (rev 23650)
@@ -3070,12 +3070,12 @@
RESERVED
CVE-2013-4347 [Uses poor PRNG]
RESERVED
- - python-oauth2 <unfixed>
+ - python-oauth2 <unfixed> (bug #722657)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/9
CVE-2013-4346 [_check_signature() ignores the nonce value when validating signed urls]
RESERVED
- - python-oauth2 <unfixed>
+ - python-oauth2 <unfixed> (bug #722656)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/129
CVE-2013-4345
More information about the Secure-testing-commits
mailing list