[Secure-testing-commits] r38153 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 7 20:38:48 UTC 2015
Author: carnil
Date: 2015-12-07 20:38:48 +0000 (Mon, 07 Dec 2015)
New Revision: 38153
Modified:
data/CVE/list
Log:
Add CVE-2015-8034/salt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-07 20:18:04 UTC (rev 38152)
+++ data/CVE/list 2015-12-07 20:38:48 UTC (rev 38153)
@@ -1159,8 +1159,11 @@
[squeeze] - polarssl <not-affected> (Vulnerable code introduced later)
NOTE: support for session tickets added in 1.3.0.
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
-CVE-2015-8034
+CVE-2015-8034 [information leak from state.sls cache data stored as world-readable]
RESERVED
+ - salt <unfixed>
+ NOTE: https://github.com/cachedout/salt/commit/097838ec0c52b1e96f7f761e5fb3cd7e79808741
+ NOTE: https://github.com/saltstack/salt/issues/28455
CVE-2014-9755
RESERVED
CVE-2014-9754
More information about the Secure-testing-commits
mailing list