[Secure-testing-commits] r42819 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jun 27 11:48:48 UTC 2016
Author: jmm
Date: 2016-06-27 11:48:47 +0000 (Mon, 27 Jun 2016)
New Revision: 42819
Modified:
data/CVE/list
Log:
add a note on CVE-2016-2379, potentially pidgin
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-27 11:16:31 UTC (rev 42818)
+++ data/CVE/list 2016-06-27 11:48:47 UTC (rev 42819)
@@ -10030,6 +10030,7 @@
NOTE: https://bitbucket.org/pidgin/main/commits/8172584fd640
CVE-2016-2379
RESERVED
+ NOTE: Mentioned at http://www.pidgin.im/news/security/?id=96 without further details
CVE-2016-2378 [MXIT get_utf8_string Code Execution Vulnerability]
RESERVED
- pidgin 2.11.0-1
@@ -10863,10 +10864,10 @@
CVE-2016-2179
RESERVED
CVE-2016-2178 (The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL ...)
- - openssl <unfixed>
+ - openssl <unfixed> (low)
NOTE: Fixed in master branch in https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
CVE-2016-2177 (OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for ...)
- - openssl <unfixed>
+ - openssl <unfixed> (low)
NOTE: Fixed in 1.0.2 branch in https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7
CVE-2016-2176 (The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL ...)
- openssl <not-affected> (Only applies to EBCDIC systems)
More information about the Secure-testing-commits
mailing list