[Git][security-tracker-team/security-tracker][master] Add additional bug references for wolfssl issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Sep 14 20:52:52 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
56207ea4 by Salvatore Bonaccorso at 2024-09-14T21:52:24+02:00
Add additional bug references for wolfssl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3658,12 +3658,12 @@ CVE-2024-5991 (In function MatchDomainName(), input param str is treated as a NU
 	NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/7604
 CVE-2024-5814 (A malicious TLS1.2 server can force a TLS1.3 client with downgrade cap ...)
-	- wolfssl <unfixed>
+	- wolfssl <unfixed> (bug #1081791)
 	NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/7619
 	NOTE: https://tches.iacr.org/index.php/TCHES/article/view/11259
 CVE-2024-5288 (An issue was discovered in wolfSSL before 5.7.0. A safe-error attack v ...)
-	- wolfssl <unfixed>
+	- wolfssl <unfixed> (bug #1081790)
 	NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/7416
 CVE-2024-4872 (The product does not validate any query towards persistent data, resul ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56207ea4348367ff0234212c46b4ec0043402a0a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56207ea4348367ff0234212c46b4ec0043402a0a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240914/78e57425/attachment.htm>


More information about the debian-security-tracker-commits mailing list