[Secure-testing-commits] r44288 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 3 12:10:00 UTC 2016
Author: carnil
Date: 2016-09-03 12:10:00 +0000 (Sat, 03 Sep 2016)
New Revision: 44288
Modified:
data/CVE/list
Log:
Add CVE-2016-6129
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-03 09:26:23 UTC (rev 44287)
+++ data/CVE/list 2016-09-03 12:10:00 UTC (rev 44288)
@@ -3431,6 +3431,13 @@
NOTE: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
CVE-2016-6129
RESERVED
+ - libtomcrypt <unfixed>
+ NOTE: https://github.com/OP-TEE/optee_os/commit/30d13250c390c4f56adefdcd3b64b7cc672f9fe2
+ NOTE: libtomcrypt ship the corresponding patch in
+ NOTE: https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd09
+ NOTE: The CVE is originally assigend to OP-TEE, but the underlying issue seems to be in
+ NOTE: libtomcrypt, thus keep that source package as well for now associated.
+ TODO: double-check CVE assignment
CVE-2016-6127
RESERVED
CVE-2016-6126
More information about the Secure-testing-commits
mailing list