[Secure-testing-commits] r43045 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 7 06:27:58 UTC 2016
Author: carnil
Date: 2016-07-07 06:27:58 +0000 (Thu, 07 Jul 2016)
New Revision: 43045
Modified:
data/CVE/list
Log:
Add CVE-2016-2177/openssl reference
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-07 04:55:59 UTC (rev 43044)
+++ data/CVE/list 2016-07-07 06:27:58 UTC (rev 43045)
@@ -11930,6 +11930,7 @@
- openssl <unfixed> (low)
[jessie] - openssl <no-dsa> (Wait until next openssl update round)
NOTE: Fixed in 1.0.2 branch in https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7
+ NOTE: https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2176 (The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL ...)
- openssl <not-affected> (Only applies to EBCDIC systems)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
More information about the Secure-testing-commits
mailing list