[Secure-testing-commits] r52512 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jun 12 16:18:33 UTC 2017
Author: jmm
Date: 2017-06-12 16:18:32 +0000 (Mon, 12 Jun 2017)
New Revision: 52512
Modified:
data/CVE/list
Log:
new mruby issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-12 16:07:54 UTC (rev 52511)
+++ data/CVE/list 2017-06-12 16:18:32 UTC (rev 52512)
@@ -47,7 +47,10 @@
CVE-2017-9528
RESERVED
CVE-2017-9527 (The mark_context_stack function in gc.c in mruby through 1.2.0 allows ...)
- TODO: check
+ [experimental] - mruby 1.2.0+20170601+git51e0e690-1
+ - mruby <unfixed> (low)
+ [stretch] - mruby <no-dsa> (Minor issue)
+ [jessie] - mruby <no-dsa> (Minor issue)
CVE-2017-9526 (In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key ...)
- libgcrypt20 1.7.6-2
- libgcrypt11 <not-affected> (Curve Ed25519 signing and verification introduced in 1.6.0)
More information about the Secure-testing-commits
mailing list