[Secure-testing-commits] r41378 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Tue May 3 14:34:38 UTC 2016
Author: ghedo
Date: 2016-05-03 14:34:38 +0000 (Tue, 03 May 2016)
New Revision: 41378
Modified:
data/CVE/list
Log:
Update openssl issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-03 14:33:03 UTC (rev 41377)
+++ data/CVE/list 2016-05-03 14:34:38 UTC (rev 41378)
@@ -6297,9 +6297,9 @@
RESERVED
CVE-2016-2177
RESERVED
-CVE-2016-2176
+CVE-2016-2176 [EBCDIC overread]
RESERVED
- - openssl <unfixed>
+ - openssl <not-affected> (Only affects EBCDIC systems)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
NOTE: https://www.openssl.org/news/secadv/20160503.txt
CVE-2016-2175
@@ -6496,27 +6496,27 @@
{DSA-3548-1}
- samba 2:4.3.7+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2016-2110.html
-CVE-2016-2109
+CVE-2016-2109 [ASN.1 BIO excessive memory allocation]
RESERVED
- openssl <unfixed> (low)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2108
+CVE-2016-2108 [Memory corruption in the ASN.1 encoder]
RESERVED
- openssl 1.0.2c-1
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2107
+CVE-2016-2107 [Padding oracle in AES-NI CBC MAC check]
RESERVED
- openssl <unfixed>
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2106
+CVE-2016-2106 [EVP_EncryptUpdate overflow]
RESERVED
- - openssl <unfixed>
+ - openssl <unfixed> (low)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26
NOTE: https://www.openssl.org/news/secadv/20160503.txt
-CVE-2016-2105
+CVE-2016-2105 [EVP_EncodeUpdate overflow]
RESERVED
- - openssl <unfixed>
+ - openssl <unfixed> (low)
NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920
NOTE: https://www.openssl.org/news/secadv/20160503.txt
CVE-2016-2104
More information about the Secure-testing-commits
mailing list