[Secure-testing-commits] r33121 - in data: CVE DLA DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 24 18:27:29 UTC 2015 

Author: carnil
Date: 2015-03-24 18:27:29 +0000 (Tue, 24 Mar 2015)
New Revision: 33121

Modified:
   data/CVE/list
   data/DLA/list
   data/DSA/list
Log:
Update tor CVE entries

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-24 18:21:49 UTC (rev 33120)
+++ data/CVE/list	2015-03-24 18:27:29 UTC (rev 33121)
@@ -1,14 +1,8 @@
 CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack]
 	- tor 0.2.5.11-1
-	[wheezy] - tor 0.2.4.26-1
-	[squeeze] - tor 0.2.4.26-1~deb6u1
-	NOTE: added workaround, add to data/D[L|S]A/list
 	NOTE: https://bugs.torproject.org/14129
 CVE-2015-2688 [relay could crash with an assertion]
 	- tor 0.2.5.11-1
-	[wheezy] - tor 0.2.4.26-1
-	[squeeze] - tor 0.2.4.26-1~deb6u1
-	NOTE: added workaround, add to data/D[L|S]A/list
 	NOTE: https://trac.torproject.org/projects/tor/ticket/15083
 CVE-2015-2687 [information leak when live-migration failed]
 	- nova <unfixed>

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2015-03-24 18:21:49 UTC (rev 33120)
+++ data/DLA/list	2015-03-24 18:27:29 UTC (rev 33121)
@@ -1,6 +1,7 @@
 [22 Mar 2015] DLA-179-1 tzdata - new upstream version
 	[squeeze] - tzdata 2015b-0squeeze1 
 [22 Mar 2015] DLA-178-1 tor - security update
+	{CVE-2015-2688 CVE-2015-2689}
         [squeeze] - tor 0.2.4.26-1~deb6u1
 [20 Mar 2015] DLA-177-1 openssl - security update
 	{CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293}

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-03-24 18:21:49 UTC (rev 33120)
+++ data/DSA/list	2015-03-24 18:27:29 UTC (rev 33121)
@@ -2,6 +2,7 @@
 	{CVE-2015-2317}
 	[wheezy] - python-django 1.4.5-1+deb7u10
 [22 Mar 2015] DSA-3203-1 tor - security update
+	{CVE-2015-2688 CVE-2015-2689}
 	[wheezy] - tor 0.2.4.26-1
 [22 Mar 2015] DSA-3202-1 mono - security update
 	{CVE-2015-2318 CVE-2015-2319 CVE-2015-2320}

More information about the Secure-testing-commits mailing list