[Secure-testing-commits] r37841 - data/CVE

David Prévot taffit at moszumanska.debian.org
Tue Nov 24 02:39:58 UTC 2015


Author: taffit
Date: 2015-11-24 02:39:58 +0000 (Tue, 24 Nov 2015)
New Revision: 37841

Modified:
   data/CVE/list
Log:
Add CVE-2015-812{4,5}/symfony

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-24 02:39:41 UTC (rev 37840)
+++ data/CVE/list	2015-11-24 02:39:58 UTC (rev 37841)
@@ -470,10 +470,16 @@
 	[squeeze] - smartmontools <no-dsa> (Minor issue)
 	[wheezy] - smartmontools <no-dsa> (Minor issue)
 	[jessie] - smartmontools <no-dsa> (Minor issue)
-CVE-2015-8125
+CVE-2015-8125 [Potential Remote Timing Attack Vulnerability in Security Remember-Me Service]
 	RESERVED
-CVE-2015-8124
+	- symfony <unfixed>
+	NOTE: http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service
+	NOTE: https://github.com/symfony/symfony/pull/16630
+CVE-2015-8124 [Session Fixation in the "Remember Me" Login Feature]
 	RESERVED
+	- symfony <unfixed>
+	NOTE: http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature
+	NOTE: https://github.com/symfony/symfony/pull/16631
 CVE-2015-8123
 	RESERVED
 CVE-2015-8122




More information about the Secure-testing-commits mailing list