[Secure-testing-commits] r23670 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sat Sep 14 07:58:46 UTC 2013
Author: carnil
Date: 2013-09-14 07:58:45 +0000 (Sat, 14 Sep 2013)
New Revision: 23670
Modified:
data/CVE/list
Log:
Add some more note and affected package for CVE-2013-4350
Note for jmm ;-): What done: checked most current linux source package
in unstable and checked if patch is applied (-> not). Checked current
master from linux (also not yet applied). Thus added linux-2.6 <removed>
(commit mentions it present since at least 2.6.18) and linux <unfixed>
Left the TODO mark.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-14 06:20:27 UTC (rev 23669)
+++ data/CVE/list 2013-09-14 07:58:45 UTC (rev 23670)
@@ -3073,10 +3073,13 @@
- gnupg <unfixed> (low; bug #722722)
[squeeze] - gnupg <no-dsa> (Minor issue)
[wheezy] - gnupg <no-dsa> (Minor issue)
-CVE-2013-4350
+CVE-2013-4350 [net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit]
RESERVED
+ - linux-2.6 <removed>
+ - linux <unfixed>
TODO: check
NOTE: http://www.openwall.com/lists/oss-security/2013/09/13/2
+ NOTE: http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
CVE-2013-4349
RESERVED
CVE-2013-4348
More information about the Secure-testing-commits
mailing list