[Secure-testing-commits] r32297 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 17 22:09:06 UTC 2015
Author: carnil
Date: 2015-02-17 22:09:06 +0000 (Tue, 17 Feb 2015)
New Revision: 32297
Modified:
data/CVE/list
Log:
Update entry for CVE-2015-1606 and CVE-2015-1607
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-17 21:43:38 UTC (rev 32296)
+++ data/CVE/list 2015-02-17 22:09:06 UTC (rev 32297)
@@ -19,14 +19,18 @@
- icu <unfixed> (low; bug #778511)
CVE-2015-1607 [memcpy with overlapping ranges, resulting from incorrect bitwise left shifts]
[experimental] - gnupg2 2.1.2-1
- - gnupg2 <unfixed> (bug #778577)
+ - gnupg2 2.0.26-5 (bug #778577)
+ [wheezy] - gnupg2 <no-dsa> (Minor issue)
- gnupg <unfixed>
+ [wheezy] - gnupg <no-dsa> (Minor issue)
NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2183683bd633818dd031b090b5530951de76f392
CVE-2015-1606 [use after free resulting from failure to skip invalid packets]
[experimental] - gnupg2 2.1.2-1
- - gnupg2 <unfixed> (bug #778577)
+ - gnupg2 2.0.26-5 (bug #778577)
+ [wheezy] - gnupg2 <no-dsa> (Minor issue)
- gnupg <unfixed>
+ [wheezy] - gnupg <no-dsa> (Minor issue)
NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648
CVE-2015-1604
More information about the Secure-testing-commits
mailing list