[Secure-testing-commits] r36980 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Sun Oct 4 13:48:15 UTC 2015
Author: hertzog
Date: 2015-10-04 13:48:15 +0000 (Sun, 04 Oct 2015)
New Revision: 36980
Modified:
data/CVE/list
Log:
Mention offer of help from a bouncycastle upstream author
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-04 11:07:56 UTC (rev 36979)
+++ data/CVE/list 2015-10-04 13:48:15 UTC (rev 36980)
@@ -1584,6 +1584,7 @@
NOTE: https://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
NOTE: Commits: https://github.com/bcgit/bc-java/commit/5cb2f05
NOTE: Possibly needed to include as well: hptts://github.com/bcgit/bc-java/commit/e25e94a
+ NOTE: Peter Dettman <peter.dettman at bouncycastle.org> offered to assist if backporting fails and to review the result.
CVE-2015-6939 (Cross-site scripting (XSS) vulnerability in the login module in ...)
NOT-FOR-US: Joomla
CVE-2015-6936
More information about the Secure-testing-commits
mailing list