[Secure-testing-commits] r55876 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Sep 18 14:58:52 UTC 2017
Author: carnil
Date: 2017-09-18 14:58:52 +0000 (Mon, 18 Sep 2017)
New Revision: 55876
Modified:
data/CVE/list
Log:
Add CVE-2017-0380/tor
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-18 14:36:09 UTC (rev 55875)
+++ data/CVE/list 2017-09-18 14:58:52 UTC (rev 55876)
@@ -40332,8 +40332,12 @@
{DSA-3731-1}
- chromium-browser 55.0.2883.75-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-0380
+CVE-2017-0380 [Stack disclosure in hidden services logs when SafeLogging disabled]
RESERVED
+ - tor <unfixed>
+ [jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
+ [wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
+ NOTE: https://trac.torproject.org/projects/tor/ticket/23490
CVE-2017-0379 (Libgcrypt before 1.8.1 does not properly consider Curve25519 ...)
{DSA-3959-1}
- libgcrypt20 1.7.9-1 (bug #873383)
More information about the Secure-testing-commits
mailing list