[Secure-testing-commits] r39864 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 23 20:37:06 UTC 2016
Author: carnil
Date: 2016-02-23 20:37:06 +0000 (Tue, 23 Feb 2016)
New Revision: 39864
Modified:
data/CVE/list
Log:
Add CVE-2016-219{4,5,6}/botan1.10
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-23 20:28:50 UTC (rev 39863)
+++ data/CVE/list 2016-02-23 20:37:06 UTC (rev 39864)
@@ -991,12 +991,21 @@
- libav <removed>
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=0aada30510d809bccfd539a90ea37b61188f2cb4
-CVE-2016-2196
+CVE-2016-2196 [Overwrite in P-521 reduction]
RESERVED
-CVE-2016-2195
+ - botan1.10 <not-affected> (Introduced in 1.11.10)
+ NOTE: Introduced in 1.11.10, fixed in 1.11.27
+ NOTE: http://botan.randombit.net/security.html
+CVE-2016-2195 [Heap overflow on invalid ECC point]
RESERVED
-CVE-2016-2194
+ - botan1.10 1.10.12-1
+ NOTE: Introduced in 1.9.18, fixed in 1.11.27 and 1.10.11
+ NOTE: http://botan.randombit.net/security.html
+CVE-2016-2194 [Infinite loop in modulur square root algorithm]
RESERVED
+ - botan1.10 1.10.12-1
+ NOTE: Introduced in 1.7.15, fixed in 1.11.27 and 1.10.11
+ NOTE: http://botan.randombit.net/security.html
CVE-2016-2193
RESERVED
CVE-2016-2192
More information about the Secure-testing-commits
mailing list