[Secure-testing-commits] r34156 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun May 10 05:47:23 UTC 2015


Author: carnil
Date: 2015-05-10 05:47:23 +0000 (Sun, 10 May 2015)
New Revision: 34156

Modified:
   data/CVE/list
Log:
Update one wpa/wpasupplicant/hostapd issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-10 05:21:10 UTC (rev 34155)
+++ data/CVE/list	2015-05-10 05:47:23 UTC (rev 34156)
@@ -24,12 +24,13 @@
 	TODO: check
 CVE-2015-XXXX [WPS UPnP vulnerability with HTTP chunked transfer encoding]
 	- wpa <unfixed>
-	- wpasupplicant <removed>
+	- wpasupplicant <removed> (unimportant)
+	[squeeze] - wpasupplicant <not-affected> (Affects v0.7.0-v2.4 with CONFIG_WPS_ER=y in the build configuration)
 	- hostapd <removed>
+	[squeeze] - hostapd <not-affected> (Affects 0.7.0-v2.4 with CONFIG_WPS_UPNP=y in the build configuration and upnp_iface parameter on runtime)
 	NOTE: http://w1.fi/security/2015-2/
 	NOTE: http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/4
-	TODO: check
 CVE-2015-XXXX [incorrect parsing of from header when assigning pgp keys]
 	- semi 1.14.7~0.20120428-17 (bug #784712)
 	[squeeze] - semi <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list