[Secure-testing-commits] r58331 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 7 14:49:13 UTC 2017
Author: carnil
Date: 2017-12-07 14:49:13 +0000 (Thu, 07 Dec 2017)
New Revision: 58331
Modified:
data/CVE/list
Log:
Add commits for CVE-2017-373{7,8}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-07 14:36:37 UTC (rev 58330)
+++ data/CVE/list 2017-12-07 14:49:13 UTC (rev 58331)
@@ -43467,6 +43467,8 @@
- openssl <unfixed>
- openssl1.0 <unfixed>
NOTE: https://www.openssl.org/news/secadv/20171207.txt
+ NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=e502cc86df9dafded1694fceb3228ee34d11c11a
+ NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=ca51bafc1a88d8b8348f5fd97adc5d6ca93f8e76
CVE-2017-3737 [Read/write after SSL object in error state]
RESERVED
- openssl 1.1.0b-2
@@ -43476,6 +43478,7 @@
NOTE: Not fully correct tracking, the issue just does not affect OpenSSL 1.1.0
NOTE: thus mark as fixed in the firs 1.1.0 version which entered unstable.
NOTE: https://www.openssl.org/news/secadv/20171207.txt
+ NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=898fb884b706aaeb283de4812340bb0bde8476dc
CVE-2017-3736 (There is a carry propagating bug in the x86_64 Montgomery squaring ...)
{DSA-4017-1}
- openssl 1.1.0g-1
More information about the Secure-testing-commits
mailing list