[Secure-testing-commits] r47880 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 10 19:47:03 UTC 2017
Author: carnil
Date: 2017-01-10 19:47:03 +0000 (Tue, 10 Jan 2017)
New Revision: 47880
Modified:
data/CVE/list
Log:
Update information for CVE-2016-7056
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-10 18:48:13 UTC (rev 47879)
+++ data/CVE/list 2017-01-10 19:47:03 UTC (rev 47880)
@@ -19887,9 +19887,10 @@
RESERVED
CVE-2016-7056 [ECDSA P-256 timing attack key recovery]
RESERVED
- - openssl <undetermined>
- - openssl1.0 <undetermined>
+ - openssl 1.0.2a-1
+ - openssl1.0 <not-affected> (Fixed before initial upload to Debian)
NOTE: https://eprint.iacr.org/2016/1195.pdf
+ NOTE: Fixed by: https://git.openssl.org/?p=openssl.git;a=commit;h=8aed2a7548362e88e84a7feb795a3a97e8395008 (OpenSSL_1_0_2-beta3)
CVE-2016-7055 [Montgomery multiplication may produce incorrect results]
RESERVED
- openssl 1.1.0c-1 (low)
More information about the Secure-testing-commits
mailing list