[Secure-testing-commits] r39223 - data/CVE
David Prévot
taffit at moszumanska.debian.org
Wed Jan 27 04:32:20 UTC 2016
Author: taffit
Date: 2016-01-27 04:32:20 +0000 (Wed, 27 Jan 2016)
New Revision: 39223
Modified:
data/CVE/list
Log:
Document CVE-2016-1902/symfony fixed in 2.7.9+dfsg-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-27 04:26:56 UTC (rev 39222)
+++ data/CVE/list 2016-01-27 04:32:20 UTC (rev 39223)
@@ -513,8 +513,11 @@
CVE-2016-1919 [Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3]
RESERVED
NOT-FOR-US: KNOX 1.0 / Android 4.3
-CVE-2016-1902
+CVE-2016-1902 [SecureRandom's fallback not secure when OpenSSL fails]
RESERVED
+ - symfony 2.7.9+dfsg-1
+ NOTE: http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
+ NOTE: https://github.com/symfony/symfony/pull/17359
CVE-2016-1906 [Kubernetes api server: build config to a strategy that isn't allowed by policy]
RESERVED
- kubernetes <itp> (bug #795652)
More information about the Secure-testing-commits
mailing list