[Secure-testing-commits] r37034 - data/CVE
Paul Wise
pabs at moszumanska.debian.org
Wed Oct 7 15:08:00 UTC 2015
Author: pabs
Date: 2015-10-07 15:07:59 +0000 (Wed, 07 Oct 2015)
New Revision: 37034
Modified:
data/CVE/list
Log:
Add information about CVE-2015-5291 in polarssl/mbed-tls
Thanks-to: aiko on #debian-security
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-07 09:10:12 UTC (rev 37033)
+++ data/CVE/list 2015-10-07 15:07:59 UTC (rev 37034)
@@ -5827,8 +5827,10 @@
[squeeze] - sssd <not-affected> (vulnerable code not present)
NOTE: https://fedorahosted.org/sssd/ticket/2803
NOTE: https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch
-CVE-2015-5291
+CVE-2015-5291 [Remote attack on clients using session tickets or SNI]
RESERVED
+ - polarssl <unfixed>
+ NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
CVE-2015-5290
RESERVED
CVE-2015-5289
More information about the Secure-testing-commits
mailing list