[Secure-testing-commits] r45836 - in data: . CVE
Guido Guenther
agx at moszumanska.debian.org
Tue Nov 1 15:44:23 UTC 2016
Author: agx
Date: 2016-11-01 15:44:23 +0000 (Tue, 01 Nov 2016)
New Revision: 45836
Modified:
data/CVE/list
data/dla-needed.txt
Log:
lts-triage openssl/CVE-2016-8610
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-01 15:23:30 UTC (rev 45835)
+++ data/CVE/list 2016-11-01 15:44:23 UTC (rev 45836)
@@ -1347,6 +1347,8 @@
- openssl 1.0.2j-1
NOTE: http://www.openwall.com/lists/oss-security/2016/10/24/3
NOTE: Fixed by: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384743 mentions countermeasures in gnutls
+ NOTE: https://gitlab.com/gnutls/gnutls/commit/1ffb827e45721ef56982d0ffd5c5de52376c428e
CVE-2016-8609
RESERVED
CVE-2016-8608
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-11-01 15:23:30 UTC (rev 45835)
+++ data/dla-needed.txt 2016-11-01 15:44:23 UTC (rev 45836)
@@ -72,6 +72,9 @@
openjdk-7 (Guido Günther)
NOTE: Upstream prepares a new IceTea version that will be the basis for the update
--
+openssl
+ NOTE: Kurt Roeckx is working on an update
+--
php5 (Thorsten Alteholz)
--
phpmyadmin
More information about the Secure-testing-commits
mailing list