[Secure-testing-commits] r27158 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jun 5 11:44:01 UTC 2014
Author: carnil
Date: 2014-06-05 11:44:01 +0000 (Thu, 05 Jun 2014)
New Revision: 27158
Modified:
data/CVE/list
Log:
Add openssl issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-05 11:18:12 UTC (rev 27157)
+++ data/CVE/list 2014-06-05 11:44:01 UTC (rev 27158)
@@ -1017,8 +1017,9 @@
RESERVED
CVE-2014-3471
RESERVED
-CVE-2014-3470
+CVE-2014-3470 [Anonymous ECDH denial of service]
RESERVED
+ - openssl <unfixed>
CVE-2014-3469
RESERVED
- libtasn1-3 <removed>
@@ -9861,8 +9862,9 @@
RESERVED
CVE-2014-0225
RESERVED
-CVE-2014-0224
+CVE-2014-0224 [SSL/TLS MITM vulnerability]
RESERVED
+ - openssl <unfixed>
CVE-2014-0223 [qcow1: Validate image size]
RESERVED
- qemu 2.0.0+dfsg-6
@@ -9877,8 +9879,9 @@
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
-CVE-2014-0221
+CVE-2014-0221 [DTLS recursion flaw]
RESERVED
+ - openssl <unfixed>
CVE-2014-0220
RESERVED
CVE-2014-0219
@@ -9955,8 +9958,9 @@
- linux 3.14.4-1 (bug #747166)
- linux-2.6 <removed>
NOTE: PoC: http://pastebin.com/yTSFUBgZ
-CVE-2014-0195
+CVE-2014-0195 [DTLS invalid fragment vulnerability]
RESERVED
+ - openssl <unfixed>
CVE-2014-0194
RESERVED
CVE-2014-0193 (WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before ...)
More information about the Secure-testing-commits
mailing list