[Secure-testing-commits] r50376 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Apr 5 15:04:26 UTC 2017
Author: carnil
Date: 2017-04-05 15:04:25 +0000 (Wed, 05 Apr 2017)
New Revision: 50376
Modified:
data/CVE/list
Log:
Update CVE-2017-3204/golang-go.crypto
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-05 13:32:12 UTC (rev 50375)
+++ data/CVE/list 2017-04-05 15:04:25 UTC (rev 50376)
@@ -12135,7 +12135,9 @@
CVE-2017-3205
RESERVED
CVE-2017-3204 (The Go SSH library (x/crypto/ssh) by default does not verify host ...)
- TODO: check
+ - golang-go.crypto <unfixed>
+ NOTE: https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991
+ NOTE: https://github.com/golang/go/issues/19767
CVE-2017-3203
RESERVED
CVE-2017-3202
More information about the Secure-testing-commits
mailing list