[Secure-testing-commits] r37650 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 10 18:35:21 UTC 2015
Author: carnil
Date: 2015-11-10 18:35:21 +0000 (Tue, 10 Nov 2015)
New Revision: 37650
Modified:
data/CVE/list
Log:
Add CVE-2015-5316/wpa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-10 18:33:17 UTC (rev 37649)
+++ data/CVE/list 2015-11-10 18:35:21 UTC (rev 37650)
@@ -7072,8 +7072,15 @@
RESERVED
CVE-2015-5317
RESERVED
-CVE-2015-5316
+CVE-2015-5316 [EAP-pwd peer error path failure on unexpected Confirm message]
RESERVED
+ - wpa <unfixed>
+ [wheezy] - wpa <not-affected> (v2.3-v2.5 with CONFIG_EAP_PWD=y)
+ - wpasupplicant <not-affected> (v2.3-v2.5 with CONFIG_EAP_PWD=y)
+ - hostapd <not-affected> (v2.3-v2.5 with CONFIG_EAP_PWD=y)
+ NOTE: http://w1.fi/security/2015-8/
+ NOTE: https://w1.fi/security/2015-8/eap-pwd-unexpected-confirm.txt
+ NOTE: https://w1.fi/security/2015-8/0001-EAP-pwd-peer-Fix-error-path-for-unexpected-Confirm-m.patch
CVE-2015-5315 [wpa_supplicant: EAP-pwd missing last fragment length validation]
RESERVED
- wpa <unfixed>
More information about the Secure-testing-commits
mailing list