[Secure-testing-commits] r38646 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 2 16:19:08 UTC 2016
Author: carnil
Date: 2016-01-02 16:19:08 +0000 (Sat, 02 Jan 2016)
New Revision: 38646
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2015-8559 and mark as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-02 15:50:07 UTC (rev 38645)
+++ data/CVE/list 2016-01-02 16:19:08 UTC (rev 38646)
@@ -1686,7 +1686,9 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
CVE-2015-8559 [knife bootstrap leaks validator privkey into system logs]
RESERVED
- - chef <unfixed>
+ - chef <unfixed> (bug #809670)
+ [jessie] - chef <no-dsa> (Minor issue; workaround using validatorless bootstrapping)
+ [wheezy] - chef <no-dsa> (Minor issue; workaround using validatorless bootstrapping)
NOTE: https://github.com/chef/chef/issues/3871
NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/10
NOTE: Workaround: use validatorless bootstrapping
More information about the Secure-testing-commits
mailing list