[Secure-testing-commits] r38732 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 6 15:56:18 UTC 2016
Author: carnil
Date: 2016-01-06 15:56:06 +0000 (Wed, 06 Jan 2016)
New Revision: 38732
Modified:
data/CVE/list
Log:
Update comment for CVE-2016-1494/python-rsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-06 12:47:18 UTC (rev 38731)
+++ data/CVE/list 2016-01-06 15:56:06 UTC (rev 38732)
@@ -434,7 +434,8 @@
CVE-2016-1494 [signature forgery]
RESERVED
- python-rsa <unfixed>
- NOTE: Fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
+ NOTE: proposed fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
+ NOTE: proposed fix not yet merged
NOTE: https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
TODO: check
CVE-2015-8604 [SQL Injection in graphs_new.php]
More information about the Secure-testing-commits
mailing list