[Secure-testing-commits] r41388 - data/CVE

[Kurt Roeckx]

Author: kroeckx
Date: 2016-05-03 17:15:23 +0000 (Tue, 03 May 2016)
New Revision: 41388

Modified:
   data/CVE/list
Log:
Add openssl fixed version for unstable.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-03 17:07:30 UTC (rev 41387)
+++ data/CVE/list	2016-05-03 17:15:23 UTC (rev 41388)
@@ -6302,6 +6302,7 @@
 CVE-2016-2176 [EBCDIC overread]
 	RESERVED
 	- openssl <not-affected> (Only affects EBCDIC systems)
+	- openssl 1.0.2h-1
 	NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
 	NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2175
@@ -6500,7 +6501,7 @@
 	NOTE: https://www.samba.org/samba/security/CVE-2016-2110.html
 CVE-2016-2109 [ASN.1 BIO excessive memory allocation]
 	RESERVED
-	- openssl <unfixed> (low)
+	- openssl 1.0.2h-1
 	NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807
 	NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2108 [Memory corruption in the ASN.1 encoder]
@@ -6509,16 +6510,16 @@
 	NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2107 [Padding oracle in AES-NI CBC MAC check]
 	RESERVED
-	- openssl <unfixed>
+	- openssl 1.0.2h-1
 	NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2106 [EVP_EncryptUpdate overflow]
 	RESERVED
-	- openssl <unfixed> (low)
+	- openssl 1.0.2h-1
 	NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26
 	NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2105 [EVP_EncodeUpdate overflow]
 	RESERVED
-	- openssl <unfixed> (low)
+	- openssl 1.0.2h-1
 	NOTE: Fixed in master in https://git.openssl.org/?p=openssl.git;a=commit;h=ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920
 	NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2104