[Secure-testing-commits] r45312 - data/CVE

Markus Koschany apo at moszumanska.debian.org
Fri Oct 14 15:44:15 UTC 2016 

Author: apo
Date: 2016-10-14 15:44:15 +0000 (Fri, 14 Oct 2016)
New Revision: 45312

Modified:
   data/CVE/list
Log:
Mark CVE issues for Wheezy in matrixssl as <end-of-life>


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-14 15:29:29 UTC (rev 45311)
+++ data/CVE/list	2016-10-14 15:44:15 UTC (rev 45312)
@@ -4886,14 +4886,17 @@
 CVE-2016-6892 [Free of Memory not on the Heap]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 	NOTE: https://www.kb.cert.org/vuls/id/396440
 CVE-2016-6891 [Improper Restriction of Operations within the Bounds of a Memory Buffer]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 	NOTE: https://www.kb.cert.org/vuls/id/396440
 CVE-2016-6890 [Heap-based Buffer Overflow]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 	NOTE: https://www.kb.cert.org/vuls/id/396440
 CVE-2016-6889
 	RESERVED
@@ -5604,21 +5607,27 @@
 CVE-2016-6887 [... wrong calculation result ...]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 CVE-2016-6886 [... crash issue ...]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 CVE-2016-6885 [... Testing MatrixSSL's pstm_exptmod with base zero ...]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 CVE-2016-6884 [Access Violation on Malicious TLS Record]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 CVE-2016-6883 [Side Channel Vulnerability on RSA Cipher Suites]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 CVE-2016-6882 [Validation of RSA Signature Creation]
 	RESERVED
 	- matrixssl <removed>
+	[wheezy] - matrixssl <end-of-life> (not supported in Wheezy)
 CVE-2016-6635 (Cross-site request forgery (CSRF) vulnerability in the ...)
 	{DSA-3681-1 DLA-633-1}
 	- wordpress 4.5+dfsg-1

More information about the Secure-testing-commits mailing list