Author: carnil Date: 2015-02-14 21:59:33 +0000 (Sat, 14 Feb 2015) New Revision: 32244
Modified: data/CVE/list Log: Add CVE-2015-1606 and CVE-2015-1607 Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-02-14 21:53:31 UTC (rev 32243) +++ data/CVE/list 2015-02-14 21:59:33 UTC (rev 32244) @@ -1,3 +1,15 @@ +CVE-2015-1607 [memcpy with overlapping ranges, resulting from incorrect bitwise left shifts] + [experimental] - gnupg2 2.1.2-1 + - gnupg2 <unfixed> + - gnupg <undetermined> + NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html + TODO: check +CVE-2015-1606 [use after free resulting from failure to skip invalid packets] + [experimental] - gnupg2 2.1.2-1 + - gnupg2 <unfixed> + - gnupg <undetermined> + NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html + TODO: check CVE-2015-1604 NOT-FOR-US: Landsknecht Adminsystems CVE-2015-1603 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
