[Secure-testing-commits] r58198 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 1 22:56:48 UTC 2017
Author: carnil
Date: 2017-12-01 22:56:48 +0000 (Fri, 01 Dec 2017)
New Revision: 58198
Modified:
data/CVE/list
Log:
Add new tor issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-01 21:41:40 UTC (rev 58197)
+++ data/CVE/list 2017-12-01 22:56:48 UTC (rev 58198)
@@ -26439,16 +26439,26 @@
NOTE: https://github.com/dinhviethoa/libetpan/issues/274
CVE-2017-8824
RESERVED
-CVE-2017-8823
+CVE-2017-8823 [TROVE-2017-013: Use-after-free in onion service v2]
RESERVED
-CVE-2017-8822
+ - tor <unfixed>
+ NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8822 [TROVE-2017-012: Relays can pick themselves in a circuit path]
RESERVED
-CVE-2017-8821
+ - tor <unfixed>
+ NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8821 [TROVE-2017-011: An attacker can make Tor ask for a password]
RESERVED
-CVE-2017-8820
+ - tor <unfixed>
+ NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8820 [TROVE-2017-010: Remote DoS attack against directory authorities]
RESERVED
-CVE-2017-8819
+ - tor <unfixed>
+ NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8819 [TROVE-2017-009: Replay-cache ineffective for v2 onion services]
RESERVED
+ - tor <unfixed>
+ NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
CVE-2017-8818 (curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to ...)
- curl 7.57.0-1
[stretch] - curl <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list