[Secure-testing-commits] r33121 - in data: CVE DLA DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 24 18:27:29 UTC 2015
Author: carnil
Date: 2015-03-24 18:27:29 +0000 (Tue, 24 Mar 2015)
New Revision: 33121
Modified:
data/CVE/list
data/DLA/list
data/DSA/list
Log:
Update tor CVE entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-24 18:21:49 UTC (rev 33120)
+++ data/CVE/list 2015-03-24 18:27:29 UTC (rev 33121)
@@ -1,14 +1,8 @@
CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack]
- tor 0.2.5.11-1
- [wheezy] - tor 0.2.4.26-1
- [squeeze] - tor 0.2.4.26-1~deb6u1
- NOTE: added workaround, add to data/D[L|S]A/list
NOTE: https://bugs.torproject.org/14129
CVE-2015-2688 [relay could crash with an assertion]
- tor 0.2.5.11-1
- [wheezy] - tor 0.2.4.26-1
- [squeeze] - tor 0.2.4.26-1~deb6u1
- NOTE: added workaround, add to data/D[L|S]A/list
NOTE: https://trac.torproject.org/projects/tor/ticket/15083
CVE-2015-2687 [information leak when live-migration failed]
- nova <unfixed>
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2015-03-24 18:21:49 UTC (rev 33120)
+++ data/DLA/list 2015-03-24 18:27:29 UTC (rev 33121)
@@ -1,6 +1,7 @@
[22 Mar 2015] DLA-179-1 tzdata - new upstream version
[squeeze] - tzdata 2015b-0squeeze1
[22 Mar 2015] DLA-178-1 tor - security update
+ {CVE-2015-2688 CVE-2015-2689}
[squeeze] - tor 0.2.4.26-1~deb6u1
[20 Mar 2015] DLA-177-1 openssl - security update
{CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293}
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2015-03-24 18:21:49 UTC (rev 33120)
+++ data/DSA/list 2015-03-24 18:27:29 UTC (rev 33121)
@@ -2,6 +2,7 @@
{CVE-2015-2317}
[wheezy] - python-django 1.4.5-1+deb7u10
[22 Mar 2015] DSA-3203-1 tor - security update
+ {CVE-2015-2688 CVE-2015-2689}
[wheezy] - tor 0.2.4.26-1
[22 Mar 2015] DSA-3202-1 mono - security update
{CVE-2015-2318 CVE-2015-2319 CVE-2015-2320}
More information about the Secure-testing-commits
mailing list