[Secure-testing-commits] r58198 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Dec 1 22:56:48 UTC 2017


Author: carnil
Date: 2017-12-01 22:56:48 +0000 (Fri, 01 Dec 2017)
New Revision: 58198

Modified:
   data/CVE/list
Log:
Add new tor issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-01 21:41:40 UTC (rev 58197)
+++ data/CVE/list	2017-12-01 22:56:48 UTC (rev 58198)
@@ -26439,16 +26439,26 @@
 	NOTE: https://github.com/dinhviethoa/libetpan/issues/274
 CVE-2017-8824
 	RESERVED
-CVE-2017-8823
+CVE-2017-8823 [TROVE-2017-013: Use-after-free in onion service v2]
 	RESERVED
-CVE-2017-8822
+	- tor <unfixed>
+	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8822 [TROVE-2017-012: Relays can pick themselves in a circuit path]
 	RESERVED
-CVE-2017-8821
+	- tor <unfixed>
+	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8821 [TROVE-2017-011: An attacker can make Tor ask for a password]
 	RESERVED
-CVE-2017-8820
+	- tor <unfixed>
+	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8820 [TROVE-2017-010: Remote DoS attack against directory authorities]
 	RESERVED
-CVE-2017-8819
+	- tor <unfixed>
+	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
+CVE-2017-8819 [TROVE-2017-009: Replay-cache ineffective for v2 onion services]
 	RESERVED
+	- tor <unfixed>
+	NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516
 CVE-2017-8818 (curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to ...)
 	- curl 7.57.0-1
 	[stretch] - curl <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list