[Secure-testing-commits] r33687 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-04-19 18:12:52 +0000 (Sun, 19 Apr 2015)
New Revision: 33687

Modified:
   data/CVE/list
Log:
Split up libmodule-signature-perl issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-19 17:47:11 UTC (rev 33686)
+++ data/CVE/list	2015-04-19 18:12:52 UTC (rev 33687)
@@ -928,12 +928,22 @@
 CVE-2014-9714 (Cross-site scripting (XSS) vulnerability in the ...)
 	- hhvm <itp> (bug #570709)
 	NOTE: https://github.com/facebook/hhvm/commit/324701c9fd31beb4f070f1b7ef78b115fbdfec34
-CVE-2015-XXXX [fixes related to 8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f]
+CVE-2015-XXXX [unsigned files interpreted as signed in some circumstances]
 	- libmodule-signature-perl <unfixed>
+	NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/07/1
-CVE-2015-XXXX [fixes related to c41e8885b862b9fce2719449bc9336f0bea658ef]
+CVE-2015-XXXX [arbitrary code execution during test phase]
 	- libmodule-signature-perl <unfixed>
+	NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/07/1
+CVE-2015-XXXX [arbitrary code execution when verifying module signatures]
+	- libmodule-signature-perl <unfixed>
+	NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/07/1
+CVE-2015-XXXX [arbitrary modules loading in some circumstances]
+	- libmodule-signature-perl <unfixed>
+	NOTE: Upstream fix: https://github.com/audreyt/module-signature/commit/c41e8885b862b9fce2719449bc9336f0bea658ef
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/07/1
 CVE-2015-2921
 	RESERVED
 CVE-2015-2920