[Secure-testing-commits] r37841 - data/CVE
David Prévot
taffit at moszumanska.debian.org
Tue Nov 24 02:39:58 UTC 2015
Author: taffit
Date: 2015-11-24 02:39:58 +0000 (Tue, 24 Nov 2015)
New Revision: 37841
Modified:
data/CVE/list
Log:
Add CVE-2015-812{4,5}/symfony
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-24 02:39:41 UTC (rev 37840)
+++ data/CVE/list 2015-11-24 02:39:58 UTC (rev 37841)
@@ -470,10 +470,16 @@
[squeeze] - smartmontools <no-dsa> (Minor issue)
[wheezy] - smartmontools <no-dsa> (Minor issue)
[jessie] - smartmontools <no-dsa> (Minor issue)
-CVE-2015-8125
+CVE-2015-8125 [Potential Remote Timing Attack Vulnerability in Security Remember-Me Service]
RESERVED
-CVE-2015-8124
+ - symfony <unfixed>
+ NOTE: http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service
+ NOTE: https://github.com/symfony/symfony/pull/16630
+CVE-2015-8124 [Session Fixation in the "Remember Me" Login Feature]
RESERVED
+ - symfony <unfixed>
+ NOTE: http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature
+ NOTE: https://github.com/symfony/symfony/pull/16631
CVE-2015-8123
RESERVED
CVE-2015-8122
More information about the Secure-testing-commits
mailing list