[Secure-testing-commits] r46064 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 8 13:16:51 UTC 2016
Author: carnil
Date: 2016-11-08 13:16:51 +0000 (Tue, 08 Nov 2016)
New Revision: 46064
Modified:
data/CVE/list
Log:
Add new issue for python-cryptography
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-08 12:00:48 UTC (rev 46063)
+++ data/CVE/list 2016-11-08 13:16:51 UTC (rev 46064)
@@ -1,3 +1,8 @@
+CVE-2016-XXXX [HKDF might return an empty byte-string]
+ - python-cryptography 1.5.3-1
+ NOTE: Upstream bug: https://github.com/pyca/cryptography/issues/3211
+ NOTE: Upstream commit: https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/08/6
CVE-2016-9242 (Multiple SQL injection vulnerabilities in the update method in ...)
NOT-FOR-US: Exponent CMS
CVE-2016-9241
More information about the Secure-testing-commits
mailing list