[Secure-testing-commits] r55118 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 27 09:21:41 UTC 2017
Author: carnil
Date: 2017-08-27 09:21:40 +0000 (Sun, 27 Aug 2017)
New Revision: 55118
Modified:
data/CVE/list
Log:
Add CVE-2017-0379/libgcrypt20
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-26 22:50:46 UTC (rev 55117)
+++ data/CVE/list 2017-08-27 09:21:40 UTC (rev 55118)
@@ -37415,8 +37415,12 @@
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-0380
RESERVED
-CVE-2017-0379
+CVE-2017-0379 [side-channel attack on Curve25519]
RESERVED
+ - libgcrypt20 <unfixed>
+ [jessie] - libgcrypt20 <not-affected> (Vulnerable code not present, no Curve25519 support)
+ - libgcrypt11 <not-affected> (Vulnerable code not present, no Curve25519 support)
+ NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=da780c8183cccc8f533c8ace8211ac2cb2bdee7b
CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in Phamm ...)
- phamm <unfixed> (bug #868988)
[stretch] - phamm <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list