[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] SSPSA 201802-01: Update temporary description to be more descriptive

Salvatore Bonaccorso carnil at debian.org
Tue Feb 27 19:59:15 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
719152b4 by Salvatore Bonaccorso at 2018-02-27T20:57:52+01:00
SSPSA 201802-01: Update temporary description to be more descriptive

Thijs Kinkhorst will take care of requesting a CVE for the issue.

Details are still under embargo until published at

https://simplesamlphp.org/security/201802-01

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -8,10 +8,10 @@ CVE-2018-7541 [XSA-255: grant table v2 -> v1 transition may crash Xen]
 CVE-2018-7540 [XSA-252: DoS via non-preemptable L3/L4 pagetable freeing]
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-252.html
-CVE-2018-XXXX [SSPSA 201802-01]
+CVE-2018-XXXX [SSPSA 201802-01: Check for supported signature algorithms when casting a key]
 	- simplesamlphp 1.15.3-1
 	NOTE: https://simplesamlphp.org/security/201802-01
-	NOTE: upstream fix is just to bump the simplesamlphp/saml2 dependency, so patch is probably really: https://github.com/simplesamlphp/saml2/commit/88a9ae848c4b310b1c53b5700893d890999dd930
+	NOTE: Fixed by: https://github.com/simplesamlphp/saml2/commit/88a9ae848c4b310b1c53b5700893d890999dd930
 CVE-2018-7537
 	RESERVED
 CVE-2018-7536



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/719152b40bcdc491ef037507fec21ea490bc07a6

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/719152b40bcdc491ef037507fec21ea490bc07a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180227/cf617141/attachment.html>

More information about the Secure-testing-commits mailing list