[Secure-testing-commits] r39540 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Feb 8 14:56:33 UTC 2016
Author: carnil
Date: 2016-02-08 14:56:33 +0000 (Mon, 08 Feb 2016)
New Revision: 39540
Modified:
data/CVE/list
Log:
Mark nettle as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-08 14:53:57 UTC (rev 39539)
+++ data/CVE/list 2016-02-08 14:56:33 UTC (rev 39540)
@@ -345,12 +345,14 @@
CVE-2015-8805 [miscomputation bugs in secp-256r1 modulo functions]
RESERVED
- nettle 3.2-1 (bug #813679)
+ [jessie] - nettle <no-dsa> (Minor issue; will be fixed via a point release)
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
CVE-2015-8804 [Miscalculations on secp384 curve]
RESERVED
- nettle 3.2-1 (bug #813679)
+ [jessie] - nettle <no-dsa> (Minor issue; will be fixed via a point release)
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html
@@ -358,6 +360,7 @@
CVE-2015-8803 [secp256 calculation bug]
RESERVED
- nettle 3.2-1 (bug #813679)
+ [jessie] - nettle <no-dsa> (Minor issue; will be fixed via a point release)
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html
More information about the Secure-testing-commits
mailing list