[Secure-testing-commits] r52512 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jun 12 16:18:33 UTC 2017


Author: jmm
Date: 2017-06-12 16:18:32 +0000 (Mon, 12 Jun 2017)
New Revision: 52512

Modified:
   data/CVE/list
Log:
new mruby issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-12 16:07:54 UTC (rev 52511)
+++ data/CVE/list	2017-06-12 16:18:32 UTC (rev 52512)
@@ -47,7 +47,10 @@
 CVE-2017-9528
 	RESERVED
 CVE-2017-9527 (The mark_context_stack function in gc.c in mruby through 1.2.0 allows ...)
-	TODO: check
+	[experimental] - mruby 1.2.0+20170601+git51e0e690-1
+	- mruby <unfixed> (low)
+	[stretch] - mruby <no-dsa> (Minor issue)
+	[jessie] - mruby <no-dsa> (Minor issue)
 CVE-2017-9526 (In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key ...)
 	- libgcrypt20 1.7.6-2
 	- libgcrypt11 <not-affected> (Curve Ed25519 signing and verification introduced in 1.6.0)




More information about the Secure-testing-commits mailing list