[Secure-testing-commits] r53195 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Jul 5 21:09:00 UTC 2017


Author: jmm
Date: 2017-07-05 21:09:00 +0000 (Wed, 05 Jul 2017)
New Revision: 53195

Modified:
   data/CVE/list
Log:
rkhunter, golang no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-05 20:56:20 UTC (rev 53194)
+++ data/CVE/list	2017-07-05 21:09:00 UTC (rev 53195)
@@ -5107,7 +5107,9 @@
 CVE-2017-8932 [Elliptic curves carry propagation issue in x86-64 P-256]
 	RESERVED
 	- golang-1.8 1.8.3-1 (bug #863307)
+	[stretch] - golang-1.8 <no-dsa> (Minor issue)
 	- golang-1.7 1.7.6-1 (bug #863308)
+	[stretch] - golang-1.7 <no-dsa> (Minor issue)
 	- golang <removed>
 	[wheezy] - golang <not-affected> (Vulnerable code not present, no ASM implementation of the p256 elliptic curve)
 	[jessie] - golang <not-affected> (Vulnerable code not present, no ASM implementation of the p256 elliptic curve)
@@ -9342,6 +9344,8 @@
 CVE-2017-7480 [File download via http might lead to RCE]
 	RESERVED
 	- rkhunter 1.4.4-1 (bug #866677)
+	[stretch] - rkhunter <no-dsa> (Minor issue)
+	[jessie] - rkhunter <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/06/29/2
 	NOTE: http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/rkhunter?r1=1.549&r2=1.550&view=patch
 CVE-2017-7479 (OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to ...)




More information about the Secure-testing-commits mailing list