[Secure-testing-commits] r54710 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 13 06:37:40 UTC 2017
Author: carnil
Date: 2017-08-13 06:37:40 +0000 (Sun, 13 Aug 2017)
New Revision: 54710
Modified:
data/CVE/list
Log:
CVE-2017-7526: add references for gnupg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-13 04:42:50 UTC (rev 54709)
+++ data/CVE/list 2017-08-13 06:37:40 UTC (rev 54710)
@@ -14785,6 +14785,8 @@
NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=fbd10abc057453789017f11c7f1fc8e6c61b79a3
NOTE: For the particular attack to RSA, either (A) or (B) is enough. In
NOTE: general cases, (A) plus (B) is needed.
+ NOTE: For GnuPG: https://lists.gnupg.org/pipermail/gnupg-users/2017-July/058598.html
+ NOTE: GnuPG: https://dev.gnupg.org/rC8725c99ffa41778f382ca97233183bcd687bb0ce
CVE-2017-7525 [Deserialization vulnerability via readValue method of ObjectMapper]
RESERVED
- jackson-databind <unfixed> (bug #870848)
More information about the Secure-testing-commits
mailing list