[Secure-testing-commits] r29697 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Oct 28 05:47:22 UTC 2014
Author: carnil
Date: 2014-10-28 05:47:22 +0000 (Tue, 28 Oct 2014)
New Revision: 29697
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2013-4442 and change bug reference to isolated bugreport
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-28 05:45:51 UTC (rev 29696)
+++ data/CVE/list 2014-10-28 05:47:22 UTC (rev 29697)
@@ -28434,7 +28434,7 @@
REJECTED
CVE-2013-4442 [Silent fallback to insecure entropy]
RESERVED
- - pwgen <unfixed> (unimportant; bug #726578)
+ - pwgen 2.07-1 (unimportant; bug #767008)
NOTE: /dev/random is universally available, if an attacker can create an environment
NOTE: where it's not available that opens a far bigger can of worms
CVE-2013-4441 [Phonemes mode has heavy bias and is enabled by default]
More information about the Secure-testing-commits
mailing list