[Secure-testing-commits] r46104 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Nov 10 18:27:09 UTC 2016
Author: carnil
Date: 2016-11-10 18:27:09 +0000 (Thu, 10 Nov 2016)
New Revision: 46104
Modified:
data/CVE/list
Log:
Record fixed version for CVE-2016-705{3,4,5}/openssl
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-10 18:18:48 UTC (rev 46103)
+++ data/CVE/list 2016-11-10 18:27:09 UTC (rev 46104)
@@ -6662,7 +6662,7 @@
RESERVED
CVE-2016-7055 [Montgomery multiplication may produce incorrect results]
RESERVED
- - openssl <unfixed> (low)
+ - openssl 1.1.0c-1 (low)
[jessie] - openssl <not-affected> (Only affects (1.0.2 and 1.1.0)
[wheezy] - openssl <not-affected> (Only affects (1.0.2 and 1.1.0)
- openssl1.0 <unfixed> (low)
@@ -6670,14 +6670,14 @@
NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=2fac86d9abeaa643677d1ffd0a139239fdf9406a
CVE-2016-7054 [ChaCha20/Poly1305 heap-buffer-overflow]
RESERVED
- - openssl <unfixed>
+ - openssl 1.1.0c-1
[jessie] - openssl <not-affected> (Only affects 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.1.0)
- openssl1.0 <not-affected> (Only affects 1.1.0)
NOTE: https://www.openssl.org/news/secadv/20161110.txt
CVE-2016-7053 [CMS Null dereference]
RESERVED
- - openssl <unfixed>
+ - openssl 1.1.0c-1
[jessie] - openssl <not-affected> (Only affects 1.1.0)
[wheezy] - openssl <not-affected> (Only affects 1.1.0)
- openssl1.0 <not-affected> (Only affects 1.1.0)
More information about the Secure-testing-commits
mailing list