[Secure-testing-commits] r44750 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 20 06:24:22 UTC 2016
Author: carnil
Date: 2016-09-20 06:24:21 +0000 (Tue, 20 Sep 2016)
New Revision: 44750
Modified:
data/CVE/list
Log:
Update information for CVE-2016-6298/python-jwcrypto
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-20 05:15:03 UTC (rev 44749)
+++ data/CVE/list 2016-09-20 06:24:21 UTC (rev 44750)
@@ -5717,11 +5717,11 @@
NOTE: https://github.com/rpm-software-management/mock/commit/8b02f43beadacf6911200b48d94e39e891a41da9
TODO: check
CVE-2016-6298 (The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in ...)
- - python-jwcrypto <undetermined>
+ - python-jwcrypto 0.3.2-1
NOTE: https://github.com/latchset/jwcrypto/issues/65
NOTE: https://github.com/latchset/jwcrypto/pull/66
NOTE: https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba
- TODO: check, possibly n/a since method not implemented, but needs double-check
+ NOTE: Code moved around in git, for 0.3.2 it is in jwe.py
CVE-2016-6354 [Buffer overflow in generated code (yy_get_next_buffer); related to num_to_read]
RESERVED
{DSA-3653-2 DSA-3653-1}
More information about the Secure-testing-commits
mailing list