[Secure-testing-commits] r44665 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Sep 17 08:12:49 UTC 2016


Author: carnil
Date: 2016-09-17 08:12:49 +0000 (Sat, 17 Sep 2016)
New Revision: 44665

Modified:
   data/CVE/list
Log:
Add explanation of CVE-2016-7420 scope and mark as no-dsa for jessie

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-09-17 07:57:32 UTC (rev 44664)
+++ data/CVE/list	2016-09-17 08:12:49 UTC (rev 44665)
@@ -2224,7 +2224,10 @@
 	RESERVED
 CVE-2016-7420 (Crypto++ (aka cryptopp) through 5.6.4 does not document the ...)
 	- libcrypto++ <unfixed>
+	[jessie] - libcrypto++ <no-dsa> (Minor issue)
 	NOTE: https://github.com/weidai11/cryptopp/issues/277
+	NOTE: The scope of this CVE is the documentation bug, lacking treatment of
+	NOTE: -DNDEBUG and Static Initialization
 CVE-2016-7419
 	RESERVED
 CVE-2016-7418 [Out-Of-Bounds Read in php_wddx_push_element]




More information about the Secure-testing-commits mailing list