[Secure-testing-commits] r53051 - data/CVE

Fri Jun 30 20:21:19 UTC 2017

Author: carnil
Date: 2017-06-30 20:21:19 +0000 (Fri, 30 Jun 2017)
New Revision: 53051

Modified:
   data/CVE/list
Log:
Add note for libgcrypt20

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-06-30 19:28:46 UTC (rev 53050)
+++ data/CVE/list	2017-06-30 20:21:19 UTC (rev 53051)
@@ -8606,9 +8606,10 @@
 	- libgcrypt20 1.7.8-1
 	- libgcrypt11 <removed>
 	NOTE: https://eprint.iacr.org/2017/627
-	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=8725c99ffa41778f382ca97233183bcd687bb0ce
-	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=78130828e9a140a9de4dafadbc844dbb64cb709a
-	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=e6a3dc9900433bbc8ad362a595a3837318c28fa9
+	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=a9f612def801c8145d551d995475e5d51a4c988c
+	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=aff5fd0f2650e24cf99efcd7b499627ea48782c3
+	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=312101e1f266314b4391fcdbe11c03de5c147e38
+	TODO: waiting for upstream confirmation on correct set of fixes
 CVE-2017-7525
 	RESERVED
 CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)


