[Secure-testing-commits] r34564 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu May 28 18:38:21 UTC 2015 

Author: jmm
Date: 2015-05-28 18:38:21 +0000 (Thu, 28 May 2015)
New Revision: 34564

Modified:
   data/CVE/list
Log:
libksba, python no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-28 17:07:27 UTC (rev 34563)
+++ data/CVE/list	2015-05-28 18:38:21 UTC (rev 34564)
@@ -174,9 +174,14 @@
 	- python3.4 3.4~b1-4
 	- python3.3 3.3.3-1
 	- python3.2 <removed>
+	[wheezy] - python3.2 <no-dsa> (Minor issue, too intrusive to backport)
 	- python3.1 <removed>
 	- python2.7 <unfixed>
+	[wheezy] - python2.7 <no-dsa> (Minor issue, too intrusive to backport)
+	[jessie] - python2.7 <no-dsa> (Minor issue, too intrusive to backport)
+	[stretch] - python2.7 <no-dsa> (Minor issue, too intrusive to backport)
 	- python2.6 <removed>
+	[wheezy] - python2.6 <no-dsa> (Minor issue, too intrusive to backport)
 	- python2.5 <removed>
 	NOTE: https://bugs.python.org/issue17997#msg194950
 	NOTE: https://hg.python.org/cpython/rev/10d0edadbcdd
@@ -2782,15 +2787,24 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/04/14/14
 	NOTE: http://thread.gmane.org/gmane.linux.network/359588
 CVE-2015-XXXX [denial of service due to stack overflow in src/ber-decoder.c]
-	- libksba 1.3.3-1
+	- libksba 1.3.3-1 (low)
+	[squeeze] - libksba <no-dsa> (Minor issue)
+	[wheezy] - libksba <no-dsa> (Minor issue)
+	[jessie] - libksba <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/13/5
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a
 CVE-2015-XXXX [integer overflow in the BER decoder src/ber-decoder.c]
-	- libksba 1.3.3-1
+	- libksba 1.3.3-1 (low)
+	[squeeze] - libksba <no-dsa> (Minor issue)
+	[wheezy] - libksba <no-dsa> (Minor issue)
+	[jessie] - libksba <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/13/5
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=aea7b6032865740478ca4b706850a5217f1c3887
 CVE-2015-XXXX [integer overflow in the DN decoder src/dn.c]
-	- libksba 1.3.3-1
+	- libksba 1.3.3-1 (low)
+	[squeeze] - libksba <no-dsa> (Minor issue)
+	[wheezy] - libksba <no-dsa> (Minor issue)
+	[jessie] - libksba <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/13/5
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
 CVE-2015-3310 (Buffer overflow in the rc_mksid function in plugins/radius/util.c in ...)

More information about the Secure-testing-commits mailing list