[Secure-testing-commits] r32293 - data/CVE

Tue Feb 17 21:35:03 UTC 2015

Author: carnil
Date: 2015-02-17 21:35:03 +0000 (Tue, 17 Feb 2015)
New Revision: 32293

Modified:
   data/CVE/list
Log:
Update information for gnupg, affects as well 1.4 as confirmed by maintainer

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-02-17 21:32:15 UTC (rev 32292)
+++ data/CVE/list	2015-02-17 21:35:03 UTC (rev 32293)
@@ -15,17 +15,15 @@
 CVE-2015-1607 [memcpy with overlapping ranges, resulting from incorrect bitwise left shifts]
 	[experimental] - gnupg2 2.1.2-1
 	- gnupg2 <unfixed> (bug #778577)
-	- gnupg <undetermined>
+	- gnupg <unfixed>
 	NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2183683bd633818dd031b090b5530951de76f392
-	NOTE: Asked maintainers for gnupg
 CVE-2015-1606 [use after free resulting from failure to skip invalid packets]
 	[experimental] - gnupg2 2.1.2-1
 	- gnupg2 <unfixed> (bug #778577)
-	- gnupg <undetermined>
+	- gnupg <unfixed>
 	NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648
-	NOTE: Asked maintainers for gnupg
 CVE-2015-1604
 	NOT-FOR-US: Landsknecht Adminsystems
 CVE-2015-1603


