[Secure-testing-commits] r32581 - data/CVE
Thijs Kinkhorst
thijs at moszumanska.debian.org
Mon Mar 2 18:15:00 UTC 2015
Author: thijs
Date: 2015-03-02 18:15:00 +0000 (Mon, 02 Mar 2015)
New Revision: 32581
Modified:
data/CVE/list
Log:
update for gnupg issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-02 16:53:17 UTC (rev 32580)
+++ data/CVE/list 2015-03-02 18:15:00 UTC (rev 32581)
@@ -3770,11 +3770,12 @@
RESERVED
CVE-2015-0838
RESERVED
-CVE-2015-0837
+CVE-2015-0837 [data-dependent timing variations in modular exponentiation]
RESERVED
- libgcrypt11 <unfixed>
- libgcrypt20 1.6.3-2
- gnupg <unfixed>
+ NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6cbc75e71295f23431c4ab95edc7573f2fc28476
CVE-2015-0836 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-3174-1}
- iceweasel 31.5.0esr-1
@@ -20922,11 +20923,13 @@
CVE-2014-3592
RESERVED
NOT-FOR-US: OpenShift Origin
-CVE-2014-3591
+CVE-2014-3591 [sidechannel attack on Elgamal]
RESERVED
- libgcrypt11 <unfixed>
- libgcrypt20 1.6.3-2
- gnupg <unfixed>
+ NOTE: http://www.cs.tau.ac.il/~tromer/radioexp/
+ NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=ff53cf06e966dce0daba5f2c84e03ab9db2c3c8b
CVE-2014-3590
RESERVED
- foreman <itp> (bug #663101)
More information about the Secure-testing-commits
mailing list