[Secure-testing-commits] r28138 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-08-08 04:59:04 +0000 (Fri, 08 Aug 2014)
New Revision: 28138

Modified:
   data/CVE/list
Log:
Add (back) openssl description with braket syntax as long they don't have official description from MITRE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-07 21:14:13 UTC (rev 28137)
+++ data/CVE/list	2014-08-08 04:59:04 UTC (rev 28138)
@@ -118,7 +118,7 @@
 	RESERVED
 CVE-2014-5140
 	RESERVED
-CVE-2014-5139
+CVE-2014-5139 [Crash with SRP ciphersuite in Server Hello message]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
@@ -3901,38 +3901,38 @@
 	RESERVED
 CVE-2014-3513
 	RESERVED
-CVE-2014-3512
+CVE-2014-3512 [SRP buffer overrun]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
 	[squeeze] - openssl <not-affected> (vulnerable code not present)
-CVE-2014-3511
+CVE-2014-3511 [TLS protocol downgrade attack]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
 	[squeeze] - openssl <not-affected> (Doesn't support TLS higher than 1.0)
-CVE-2014-3510
+CVE-2014-3510 [DTLS anonymous (EC)DH denial of service]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
-CVE-2014-3509
+CVE-2014-3509 [Race condition in ssl_parse_serverhello_tlsext]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
 	[squeeze] - openssl <not-affected> (vulnerable code not present)
-CVE-2014-3508
+CVE-2014-3508 [Information leak in pretty printing functions]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
-CVE-2014-3507
+CVE-2014-3507 [DTLS memory leak from zero-length fragments]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
-CVE-2014-3506
+CVE-2014-3506 [DTLS memory exhaustion]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
-CVE-2014-3505
+CVE-2014-3505 [Double Free when processing DTLS packets]
 	RESERVED
 	{DSA-2998-1}
 	- openssl 1.0.1i-1