[Secure-testing-commits] r35564 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jul 19 06:57:58 UTC 2015 

Author: carnil
Date: 2015-07-19 06:57:57 +0000 (Sun, 19 Jul 2015)
New Revision: 35564

Modified:
   data/CVE/list
Log:
Update for wolfssl entries, but add a NOTE

Actually fixed with the "initial" upload to unstable after the rename by
upstream.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-18 22:10:10 UTC (rev 35563)
+++ data/CVE/list	2015-07-19 06:57:57 UTC (rev 35564)
@@ -22516,7 +22516,8 @@
 	NOT-FOR-US: WordPress plugin Huge-IT Image Gallery
 CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]
 	- cyassl <unfixed>
-	- wolfssl <undetermined>
+	- wolfssl 3.4.8+dfsg-1
+	NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
 	NOTE: http://www.yassl.com/yaSSL/Blog/Entries/2014/9/12_CyaSSL_3.2.0_Released.html
 	NOTE: http://www.intelsecurity.com/advanced-threat-research/#
 	NOTE: similar to CVE-2014-1568 in nss
@@ -31248,7 +31249,8 @@
 	[squeeze] - chromium-browser <end-of-life>
 	- conkeror <unfixed> (unimportant)
 	- cyassl <unfixed> (bug #769905)
-	- wolfssl <undetermined>
+	- wolfssl 3.4.8+dfsg-1
+	NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
 	- dwb <unfixed> (unimportant)
 	- openssl 1.0.1j-1
 	[wheezy] - openssl <no-dsa> (Will be addressed through a point update, #774299)
@@ -33270,21 +33272,25 @@
 	RESERVED
 	- cyassl <unfixed> (bug #770229)
 	- wolfssl 3.4.8+dfsg-1 (bug #792646)
+	NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
 	NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2903
 	RESERVED
 	- cyassl <unfixed> (bug #770229)
 	- wolfssl 3.4.8+dfsg-1 (bug #792646)
+	NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
 	NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2902
 	RESERVED
 	- cyassl <unfixed> (bug #770229)
 	- wolfssl 3.4.8+dfsg-1 (bug #792646)
+	NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
 	NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2901
 	RESERVED
 	- cyassl <unfixed> (bug #770229)
 	- wolfssl 3.4.8+dfsg-1 (bug #792646)
+	NOTE: wolfssl actually fixed with the initial upload to unstable after the rename
 	NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2900 (wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 ...)
 	- cyassl 2.9.4+dfsg-1

More information about the Secure-testing-commits mailing list