[Secure-testing-commits] r34752 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jun 6 08:03:48 UTC 2015
Author: carnil
Date: 2015-06-06 08:03:48 +0000 (Sat, 06 Jun 2015)
New Revision: 34752
Modified:
data/CVE/list
Log:
Add CVE-2015-4001/linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-06 07:28:05 UTC (rev 34751)
+++ data/CVE/list 2015-06-06 08:03:48 UTC (rev 34752)
@@ -528,8 +528,14 @@
RESERVED
CVE-2015-4002
RESERVED
-CVE-2015-4001
+CVE-2015-4001 [ozwpan: Use unsigned ints to prevent heap overflow]
RESERVED
+ - linux <unfixed> (unimportant)
+ [wheezy] - linux <not-affected> (ozwpan driver not present)
+ - linux-2.6 <not-affected> (ozwpan driver not present)
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/gregkh/staging.git/commit/?id=b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c
+ NOTE: https://lkml.org/lkml/2015/5/13/744
+ NOTE: Not enabled in Debian kernels; staging drivers are not supported
CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ...)
NOTE: CVE assigned specific to vulnerability in the TLS protocol that was
NOTE: disclosed in section 3.2 of the
More information about the Secure-testing-commits
mailing list