[Secure-testing-commits] r40491 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Mar 21 05:24:30 UTC 2016


Author: carnil
Date: 2016-03-21 05:24:30 +0000 (Mon, 21 Mar 2016)
New Revision: 40491

Modified:
   data/CVE/list
Log:
Mark python-rsa as no-dsa for jessie

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-20 22:36:18 UTC (rev 40490)
+++ data/CVE/list	2016-03-21 05:24:30 UTC (rev 40491)
@@ -6741,6 +6741,7 @@
 	NOTE: Introduced by: https://git.kernel.org/linus/ec011fe847347b40c60fdb5085f65227762e2e08 (v3.13-rc1)
 CVE-2016-1494 (The verify function in the RSA package for Python (Python-RSA) before ...)
 	- python-rsa 3.2.3-1.1 (bug #809980)
+	[jessie] - python-rsa <no-dsa> (Minor issue)
 	NOTE: proposed fix: https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff
 	NOTE: https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
 CVE-2015-8604 [SQL Injection in graphs_new.php]




More information about the Secure-testing-commits mailing list