[Secure-testing-commits] r32822 - in data: . CVE DSA

[Thijs Kinkhorst]

Author: thijs
Date: 2015-03-12 17:47:10 +0000 (Thu, 12 Mar 2015)
New Revision: 32822

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
DSA gnupg, libgcrypt11


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-12 15:43:55 UTC (rev 32821)
+++ data/CVE/list	2015-03-12 17:47:10 UTC (rev 32822)
@@ -7458,7 +7458,7 @@
 CVE-2015-0296
 	RESERVED
 	- texlive-base <not-affected> (Specific to Red Hat packaging/postinst)
-CVE-2015-0295
+CVE-2015-0295 [DoS vulnerability in BMP images handler]
 	RESERVED
 	- qt4-x11 4:4.8.6+git64-g5dc8b2b+dfsg-3 (bug #779550)
 	[wheezy] - qt4-x11 <no-dsa> (Minor issue)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-03-12 15:43:55 UTC (rev 32821)
+++ data/DSA/list	2015-03-12 17:47:10 UTC (rev 32822)
@@ -1,3 +1,9 @@
+[12 Mar 2015] DSA-3185-1 libgcrypt11 - security update
+	{CVE-2014-3591 CVE-2015-0837}
+	- libgcrypt11 1.5.0-5+deb7u3
+[12 Mar 2015] DSA-3184-1 gnupg - security update
+	{CVE-2014-3591 CVE-2015-0837 CVE-2015-1606}
+	- gnupg 1.4.12-7+deb7u7
 [12 Mar 2015] DSA-3183-1 movabletype-opensource - security update
 	{CVE-2013-2184 CVE-2014-9057 CVE-2015-1592}
 	[wheezy] - movabletype-opensource 5.1.4+dfsg-4+deb7u2

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2015-03-12 15:43:55 UTC (rev 32821)
+++ data/dsa-needed.txt	2015-03-12 17:47:10 UTC (rev 32822)
@@ -19,9 +19,6 @@
 --
 freetype (jmm)
 --
-gnupg (ghedo)
- no-dsa issues could be fixed along
---
 icu (mgilbert)
 --
 imagemagick
@@ -32,8 +29,6 @@
 --
 libav
 --
-libgcrypt11 (ghedo)
---
 libphp-snoopy
 --
 linux