[Secure-testing-commits] r43928 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-08-11 04:26:14 +0000 (Thu, 11 Aug 2016)
New Revision: 43928

Modified:
   data/CVE/list
Log:
Add note for GnuTLS for the nettle update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-11 04:26:06 UTC (rev 43927)
+++ data/CVE/list	2016-08-11 04:26:14 UTC (rev 43928)
@@ -524,6 +524,8 @@
 	NOTE: Original patch had some unintended side effects: https://lists.lysator.liu.se/pipermail/nettle-bugs/2016/003104.html
 	NOTE: Cf. http://www.openwall.com/lists/oss-security/2016/07/30/2
 	NOTE: Additionally needed: https://git.lysator.liu.se/nettle/nettle/commit/52b9223126b3f997c00d399166c006ae28669068
+	NOTE: GnuTLS needs an update when/before src:nettle is fixed to continue working with patched src:nettle for CVE-2016-6489
+	NOTE: but not a vulnerability in GnuTLS. Needs https://gitlab.com/gnutls/gnutls/commit/186dc9c2012003587a38d7f4d03edd8da5fe989f
 CVE-2016-6485
 	RESERVED
 CVE-2016-6484