[Secure-testing-commits] r26330 - data/CVE
Michael Gilbert
mgilbert at moszumanska.debian.org
Sat Mar 29 00:36:07 UTC 2014
Author: mgilbert
Date: 2014-03-29 00:36:05 +0000 (Sat, 29 Mar 2014)
New Revision: 26330
Modified:
data/CVE/list
Log:
bug submitted for openssl issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-29 00:22:27 UTC (rev 26329)
+++ data/CVE/list 2014-03-29 00:36:05 UTC (rev 26330)
@@ -6844,7 +6844,7 @@
- linux <unfixed>
- linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2014-0076 (The Montgomery ladder implementation in OpenSSL through 1.0.0l does ...)
- - openssl <unfixed> (low)
+ - openssl <unfixed> (low; bug #742923)
[wheezy] - openssl <no-dsa> (Minor issue, local attack)
NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=f9b6c0ba4c02497782f801e3c45688f3efaac55c
CVE-2014-0075
@@ -14084,7 +14084,7 @@
- tiff 4.0.3-3
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
CVE-2013-4243 (Heap-based buffer overflow in the readgifimage function in the ...)
- - tiff <unfixed> (bug #742917)
+ - tiff <unfixed> (low; bug #742917)
[wheezy] - tiff <no-dsa> (only affects the gif2tiff command-line tool)
[squeeze] - tiff <no-dsa> (only affects the gif2tiff command-line tool)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
@@ -14139,7 +14139,7 @@
- libmodplug 1:0.8.8.4-4 (bug #719462)
CVE-2013-4232 (Use-after-free vulnerability in the t2p_readwrite_pdf_image function ...)
{DSA-2744-1}
- - tiff 4.0.3-2 (low; bug #719303)
+ - tiff 4.0.3-2 (bug #719303)
- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
CVE-2013-4231 (Multiple buffer overflows in libtiff before 4.0.3 allow remote ...)
{DSA-2744-1}
More information about the Secure-testing-commits
mailing list