[Secure-testing-commits] r29078 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-09-26 15:15:46 +0000 (Fri, 26 Sep 2014)
New Revision: 29078

Modified:
   data/CVE/list
Log:
Add two zeromq issues, no CVE yet

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-26 15:13:04 UTC (rev 29077)
+++ data/CVE/list	2014-09-26 15:15:46 UTC (rev 29078)
@@ -1,3 +1,11 @@
+CVE-2014-XXXX [does not implement uniqueness check on connection nonces]
+	- zeromq <unfixed>
+	NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1191
+	TODO: check
+CVE-2014-XXXX [does not validate the other party's security handshake properly]
+	- zeromq <unfixed>
+	NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1190
+	TODO: check
 CVE-2014-XXXX [Go crypto/tls vulnerability]
 	- golang <unfixed>
 	NOTE: https://groups.google.com/forum/#!msg/golang-nuts/eeOHNw_shwU/OHALUmroA5kJ