[Git][security-tracker-team/security-tracker][master] 2 commits: wpa/CVE-2019-9494,CVE-2019-9496: ignore SAE-related vulnerabilities

Thu, 11 Apr 2019 01:01:33 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
27d69418 by Sylvain Beucler at 2019-04-11T08:00:16Z
wpa/CVE-2019-9494,CVE-2019-9496: ignore SAE-related vulnerabilities

- - - - -
6f93468a by Sylvain Beucler at 2019-04-11T08:00:43Z
dla: add wpa

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4525,6 +4525,7 @@ CVE-2019-9496 [SAE confirm missing state validation in 
hostapd/AP]
        RESERVED
        - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
        [stretch] - wpa <ignored> (SAE code not enabled for build in stretch)
+       [jessie] - wpa <ignored> (SAE code not enabled for build in jessie)
        NOTE: 
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
        NOTE: Patches: https://w1.fi/security/2019-3/
        NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1
@@ -4537,6 +4538,7 @@ CVE-2019-9494 [cache attack against SAE]
        RESERVED
        - wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
        [stretch] - wpa <ignored> (SAE code not enabled for build in stretch)
+       [jessie] - wpa <ignored> (SAE code not enabled for build in jessie)
        NOTE: https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
        NOTE: Patches: https://w1.fi/security/2019-1/
        NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1


=====================================
data/dla-needed.txt
=====================================
@@ -119,5 +119,7 @@ wireshark (Hugo Lefeuvre)
 wordpress
   NOTE: 20190401: remaining one issue (CVE-2019-8943). Waiting for upstream 
patch (abhijith)
 --
+wpa
+--
 xen (worked on by credative)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/63d96f2091f61645a2da5aacc6f2384b3496159a...6f93468a37b4f7d74dab38b49aa80d6e56c092d7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/63d96f2091f61645a2da5aacc6f2384b3496159a...6f93468a37b4f7d74dab38b49aa80d6e56c092d7
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to