[Secure-testing-commits] r39740 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Feb 17 11:41:10 UTC 2016
Author: carnil
Date: 2016-02-17 11:41:10 +0000 (Wed, 17 Feb 2016)
New Revision: 39740
Modified:
data/CVE/list
Log:
CVE-2016-1494/python-rsa, #809980 fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-17 10:48:05 UTC (rev 39739)
+++ data/CVE/list 2016-02-17 11:41:10 UTC (rev 39740)
@@ -3217,7 +3217,7 @@
NOTE: Fixed as well in v3.16.7-ckt18 (commit: 6a64d8c4c07c176abee384803f28fa1507963369)
NOTE: Introduced by: https://git.kernel.org/linus/ec011fe847347b40c60fdb5085f65227762e2e08 (v3.13-rc1)
CVE-2016-1494 (The verify function in the RSA package for Python (Python-RSA) before ...)
- - python-rsa <unfixed> (bug #809980)
+ - python-rsa 3.2.3-1.1 (bug #809980)
NOTE: proposed fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
NOTE: https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
CVE-2015-8604 [SQL Injection in graphs_new.php]
More information about the Secure-testing-commits
mailing list