[Secure-testing-commits] r38769 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jan 8 10:11:03 UTC 2016 

Author: carnil
Date: 2016-01-08 10:11:03 +0000 (Fri, 08 Jan 2016)
New Revision: 38769

Modified:
   data/CVE/list
Log:
Merge temporary item for gnutls to CVE-2015-7575 entry

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-08 09:10:26 UTC (rev 38768)
+++ data/CVE/list	2016-01-08 10:11:03 UTC (rev 38769)
@@ -6768,7 +6768,17 @@
 	NOTE: Patch in SuSE Bugzilla: https://bugzilla.novell.com/attachment.cgi?id=660286
 	NOTE: http://www.mitls.org/pages/attacks/SLOTH
 	NOTE: OpenSSL fix: https://git.openssl.org/?p=openssl.git;a=commit;h=5e1ff664f95ab4c9176b3e86b5111e5777bad61a
-	TODO: check
+	- gnutls28 3.3.15-1
+	[jessie] - gnutls28 3.3.8-6+deb8u2
+	- gnutls26 <removed>
+	[wheezy] - gnutls26 <no-dsa> (Minor issue; Can be fixed along with a future DSA)
+	[squeeze] - gnutls26 <not-affected> (TLS1.2 not supported)
+	NOTE: http://gnutls.org/security.html#GNUTLS-SA-2015-2
+	NOTE: http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
+	NOTE: https://gitlab.com/gnutls/gnutls/commit/7d9d5c61f8445dc9e9ca47bb575c77cef17da17a
+	NOTE: https://gitlab.com/gnutls/gnutls/commit/0e3fc7881d37246fc2d51dc404cad95b205c0e1e
+	NOTE: https://gitlab.com/gnutls/gnutls/commit/6822a37947d4e38c45b1afc0121cda35ba897182
+	NOTE: http://www.openwall.com/lists/oss-security/2015/05/05/8
 CVE-2015-7574
 	RESERVED
 CVE-2015-7573
@@ -17993,21 +18003,6 @@
 	- t1utils 1.38-4 (bug #779274)
 	NOTE: https://github.com/kohler/t1utils/issues/4
 	NOTE: http://www.openwall.com/lists/oss-security/2015/05/13/9
-CVE-2015-XXXX [GNUTLS-SA-2015-2]
-	- gnutls28 3.3.15-1
-	[jessie] - gnutls28 3.3.8-6+deb8u2
-	- gnutls26 <removed>
-	[wheezy] - gnutls26 <no-dsa> (Minor issue; Can be fixed along with a future DSA)
-	[squeeze] - gnutls26 <not-affected> (TLS1.2 not supported)
-	NOTE: http://gnutls.org/security.html#GNUTLS-SA-2015-2
-	NOTE: http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
-	NOTE: https://gitlab.com/gnutls/gnutls/commit/7d9d5c61f8445dc9e9ca47bb575c77cef17da17a
-	NOTE: https://gitlab.com/gnutls/gnutls/commit/0e3fc7881d37246fc2d51dc404cad95b205c0e1e
-	NOTE: https://gitlab.com/gnutls/gnutls/commit/6822a37947d4e38c45b1afc0121cda35ba897182
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/05/8
-	NOTE: Updating this alone will break SSL support for lynx. Thus this update was
-	NOTE: requested via a s-p-u together with a lynx update: https://bugs.debian.org/789189
-	NOTE: and https://bugs.debian.org/789393
 CVE-2015-XXXX [crashes on crafted upack packed file]
 	- clamav 0.98.7+dfsg-1
 	[squeeze] - clamav 0.98.7+dfsg-0+deb6u1

More information about the Secure-testing-commits mailing list