[Secure-testing-commits] r32707 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Mon Mar 9 15:20:02 UTC 2015
Author: hertzog
Date: 2015-03-09 15:20:02 +0000 (Mon, 09 Mar 2015)
New Revision: 32707
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Add gnupg to dla-needed.txt and add no-dsa tags to match choices of the security team
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-09 15:00:21 UTC (rev 32706)
+++ data/CVE/list 2015-03-09 15:20:02 UTC (rev 32707)
@@ -1430,8 +1430,10 @@
[experimental] - gnupg2 2.1.2-1
- gnupg2 2.0.26-5 (bug #778577)
[wheezy] - gnupg2 <no-dsa> (Minor issue)
+ [squeeze] - gnupg2 <no-dsa> (Minor issue)
- gnupg 1.4.18-7 (bug #778652)
[wheezy] - gnupg <no-dsa> (Minor issue)
+ [squeeze] - gnupg <no-dsa> (Minor issue)
NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2183683bd633818dd031b090b5530951de76f392
CVE-2015-1606 [use after free resulting from failure to skip invalid packets]
@@ -1439,8 +1441,10 @@
[experimental] - gnupg2 2.1.2-1
- gnupg2 2.0.26-5 (bug #778577)
[wheezy] - gnupg2 <no-dsa> (Minor issue)
+ [squeeze] - gnupg2 <no-dsa> (Minor issue)
- gnupg 1.4.18-7 (bug #778652)
[wheezy] - gnupg <no-dsa> (Minor issue)
+ [squeeze] - gnupg <no-dsa> (Minor issue)
NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648
CVE-2015-1604 (Unrestricted file upload vulnerability in asys/site/files.php in ...)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2015-03-09 15:00:21 UTC (rev 32706)
+++ data/dla-needed.txt 2015-03-09 15:20:02 UTC (rev 32707)
@@ -25,6 +25,8 @@
freetype (Ben Hutchings)
http://lists.debian.org/86sidwsd5t.fsf@hiro.keithp.com
--
+gnupg
+--
icu
--
imagemagick
More information about the Secure-testing-commits
mailing list