[Secure-testing-commits] r23231 - data/CVE

Salvatore Bonaccorso Wed, 07 Aug 2013 11:46:33 -0700

Author: carnil
Date: 2013-08-07 18:45:30 +0000 (Wed, 07 Aug 2013)
New Revision: 23231


Modified:
   data/CVE/list
Log:
add reference for CVE-2013-4207

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-08-07 18:44:24 UTC (rev 23230)
+++ data/CVE/list       2013-08-07 18:45:30 UTC (rev 23231)
@@ -1796,10 +1796,11 @@
        - putty 0.63-1
        - filezilla <unfixed>
        TODO: check filezilla
-CVE-2013-4207
+CVE-2013-4207 [non-coprime values in DSA signatures can cause buffer overflow 
in modular inverse]
        RESERVED
        - putty 0.63-1
        - filezilla <unfixed>
+       NOTE: 
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html
        TODO: check filezilla
 CVE-2013-4206 [buffer underrun in modmul can corrupt the heap]
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r23231 - data/CVE

Reply via email to