[Secure-testing-commits] r46658 - data/CVE

[Sebastien Delafond]

Author: seb
Date: 2016-11-30 11:26:18 +0000 (Wed, 30 Nov 2016)
New Revision: 46658

Modified:
   data/CVE/list
Log:
Mark CVE-2016-9132 (botan1.10) as no-dsa due to apparent lack of exploitability

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-30 11:24:01 UTC (rev 46657)
+++ data/CVE/list	2016-11-30 11:26:18 UTC (rev 46658)
@@ -1886,8 +1886,10 @@
 CVE-2016-9132 [Integer overflow in BER decoder]
 	RESERVED
 	- botan1.10 1.10.14-1
+	[jessie] - botan1.10 <no-dsa> (Minor issue)
 	NOTE: Fixed in 1.10.14 and 1.11.34, all prior versions affected.
 	NOTE: Fixed by: https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f
+	NOTE: Not believed to be exploitable in practice
 CVE-2016-9131
 	RESERVED
 CVE-2016-9130