[Secure-testing-commits] r36119 - in data: CVE DSA

Mon Aug 17 18:24:58 UTC 2015

Author: carnil
Date: 2015-08-17 18:24:58 +0000 (Mon, 17 Aug 2015)
New Revision: 36119

Modified:
   data/CVE/list
   data/DSA/list
Log:
CVE assigned for GNUTLS-SA-2015-3

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-08-17 18:22:24 UTC (rev 36118)
+++ data/CVE/list	2015-08-17 18:24:58 UTC (rev 36119)
@@ -130,9 +130,8 @@
 	NOTE: https://github.com/golang/go/issues/12027
 	NOTE: https://github.com/golang/go/commit/26049f6f9171d1190f3bbe05ec304845cfe6399f
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/06/2
-CVE-2015-XXXX [GNUTLS-SA-2015-3 double free in certificate DN decoding]
+CVE-2015-6251 [GNUTLS-SA-2015-3 double free in certificate DN decoding]
 	- gnutls28 3.3.17-1 (bug #795068)
-	[jessie] - gnutls28 3.3.8-6+deb8u2
 	NOTE: Added workaround item until CVE assigned
 	- gnutls26 <not-affected> (Vulnerable code not present)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/10/1

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-08-17 18:22:24 UTC (rev 36118)
+++ data/DSA/list	2015-08-17 18:24:58 UTC (rev 36119)
@@ -3,6 +3,7 @@
 	[wheezy] - request-tracker4 4.0.7-5+deb7u4
 	[jessie] - request-tracker4 4.2.8-3+deb8u1
 [12 Aug 2015] DSA-3334-1 gnutls28 - security update
+	{CVE-2015-6251}
 	[jessie] - gnutls28 3.3.8-6+deb8u2
 [12 Aug 2015] DSA-3333-1 iceweasel - security update
 	{CVE-2015-4473 CVE-2015-4478 CVE-2015-4479 CVE-2015-4480 CVE-2015-4484 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4492 CVE-2015-4493 CVE-2015-4475}


