[Secure-testing-commits] r39524 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Feb 6 18:49:28 UTC 2016
Author: carnil
Date: 2016-02-06 18:49:28 +0000 (Sat, 06 Feb 2016)
New Revision: 39524
Modified:
data/CVE/list
Log:
Three CVEs for nettle fixed in unstable, #813679
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-06 17:47:10 UTC (rev 39523)
+++ data/CVE/list 2016-02-06 18:49:28 UTC (rev 39524)
@@ -333,20 +333,20 @@
TODO: confirm if squeeze is affected as well
CVE-2015-8805 [miscomputation bugs in secp-256r1 modulo functions]
RESERVED
- - nettle <unfixed> (bug #813679)
+ - nettle 3.2-1 (bug #813679)
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
CVE-2015-8804 [Miscalculations on secp384 curve]
RESERVED
- - nettle <unfixed> (bug #813679)
+ - nettle 3.2-1 (bug #813679)
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7
CVE-2015-8803 [secp256 calculation bug]
RESERVED
- - nettle <unfixed> (bug #813679)
+ - nettle 3.2-1 (bug #813679)
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html
More information about the Secure-testing-commits
mailing list