Author: sectracker
Date: 2015-03-24 09:10:21 +0000 (Tue, 24 Mar 2015)
New Revision: 33108
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-03-24 08:46:41 UTC (rev 33107) +++ data/CVE/list 2015-03-24 09:10:21 UTC (rev 33108) 
@@ -1,3 +1,651 @@ +CVE-2015-2673 + RESERVED +CVE-2015-2671 + RESERVED +CVE-2015-2670 + RESERVED +CVE-2015-2669 + RESERVED +CVE-2015-2668 + RESERVED +CVE-2015-2667 + RESERVED +CVE-2015-2665 + RESERVED +CVE-2015-2664 + RESERVED +CVE-2015-2663 + RESERVED +CVE-2015-2662 + RESERVED +CVE-2015-2661 + RESERVED +CVE-2015-2660 + RESERVED +CVE-2015-2659 + RESERVED +CVE-2015-2658 + RESERVED +CVE-2015-2657 + RESERVED +CVE-2015-2656 + RESERVED +CVE-2015-2655 + RESERVED +CVE-2015-2654 + RESERVED +CVE-2015-2653 + RESERVED +CVE-2015-2652 + RESERVED +CVE-2015-2651 + RESERVED +CVE-2015-2650 + RESERVED +CVE-2015-2649 + RESERVED +CVE-2015-2648 + RESERVED +CVE-2015-2647 + RESERVED +CVE-2015-2646 + RESERVED +CVE-2015-2645 + RESERVED +CVE-2015-2644 + RESERVED +CVE-2015-2643 + RESERVED +CVE-2015-2642 + RESERVED +CVE-2015-2641 + RESERVED +CVE-2015-2640 + RESERVED +CVE-2015-2639 + RESERVED +CVE-2015-2638 + RESERVED +CVE-2015-2637 + RESERVED +CVE-2015-2636 + RESERVED +CVE-2015-2635 + RESERVED +CVE-2015-2634 + RESERVED +CVE-2015-2633 + RESERVED +CVE-2015-2632 + RESERVED +CVE-2015-2631 + RESERVED +CVE-2015-2630 + RESERVED +CVE-2015-2629 + RESERVED +CVE-2015-2628 + RESERVED +CVE-2015-2627 + RESERVED +CVE-2015-2626 + RESERVED +CVE-2015-2625 + RESERVED +CVE-2015-2624 + RESERVED +CVE-2015-2623 + RESERVED +CVE-2015-2622 + RESERVED +CVE-2015-2621 + RESERVED +CVE-2015-2620 + RESERVED +CVE-2015-2619 + RESERVED +CVE-2015-2618 + RESERVED +CVE-2015-2617 + RESERVED +CVE-2015-2616 + RESERVED +CVE-2015-2615 + RESERVED +CVE-2015-2614 + RESERVED +CVE-2015-2613 + RESERVED +CVE-2015-2612 + RESERVED +CVE-2015-2611 + RESERVED +CVE-2015-2610 + RESERVED +CVE-2015-2609 + RESERVED +CVE-2015-2608 + RESERVED +CVE-2015-2607 + RESERVED +CVE-2015-2606 + RESERVED +CVE-2015-2605 + RESERVED +CVE-2015-2604 + RESERVED +CVE-2015-2603 + RESERVED +CVE-2015-2602 + RESERVED +CVE-2015-2601 + RESERVED +CVE-2015-2600 + RESERVED +CVE-2015-2599 + RESERVED +CVE-2015-2598 + RESERVED +CVE-2015-2597 + RESERVED +CVE-2015-2596 + RESERVED 
+CVE-2015-2595 + RESERVED +CVE-2015-2594 + RESERVED +CVE-2015-2593 + RESERVED +CVE-2015-2592 + RESERVED +CVE-2015-2591 + RESERVED +CVE-2015-2590 + RESERVED +CVE-2015-2589 + RESERVED +CVE-2015-2588 + RESERVED +CVE-2015-2587 + RESERVED +CVE-2015-2586 + RESERVED +CVE-2015-2585 + RESERVED +CVE-2015-2584 + RESERVED +CVE-2015-2583 + RESERVED +CVE-2015-2582 + RESERVED +CVE-2015-2581 + RESERVED +CVE-2015-2580 + RESERVED +CVE-2015-2579 + RESERVED +CVE-2015-2578 + RESERVED +CVE-2015-2577 + RESERVED +CVE-2015-2576 + RESERVED +CVE-2015-2575 + RESERVED +CVE-2015-2574 + RESERVED +CVE-2015-2573 + RESERVED +CVE-2015-2572 + RESERVED +CVE-2015-2571 + RESERVED +CVE-2015-2570 + RESERVED +CVE-2015-2569 + RESERVED +CVE-2015-2568 + RESERVED +CVE-2015-2567 + RESERVED +CVE-2015-2566 + RESERVED +CVE-2015-2565 + RESERVED +CVE-2015-2564 (SQL injection vulnerability in client-edit.php in ProjectSend ...) + TODO: check +CVE-2015-2563 (SQL injection vulnerability in groups.php in Vastal I-Tech phpVID ...) + TODO: check +CVE-2015-2562 (Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD ...) 
+ TODO: check +CVE-2015-2561 + RESERVED +CVE-2015-2560 + RESERVED +CVE-2015-2558 + RESERVED +CVE-2015-2557 + RESERVED +CVE-2015-2556 + RESERVED +CVE-2015-2555 + RESERVED +CVE-2015-2554 + RESERVED +CVE-2015-2553 + RESERVED +CVE-2015-2552 + RESERVED +CVE-2015-2551 + RESERVED +CVE-2015-2550 + RESERVED +CVE-2015-2549 + RESERVED +CVE-2015-2548 + RESERVED +CVE-2015-2547 + RESERVED +CVE-2015-2546 + RESERVED +CVE-2015-2545 + RESERVED +CVE-2015-2544 + RESERVED +CVE-2015-2543 + RESERVED +CVE-2015-2542 + RESERVED +CVE-2015-2541 + RESERVED +CVE-2015-2540 + RESERVED +CVE-2015-2539 + RESERVED +CVE-2015-2538 + RESERVED +CVE-2015-2537 + RESERVED +CVE-2015-2536 + RESERVED +CVE-2015-2535 + RESERVED +CVE-2015-2534 + RESERVED +CVE-2015-2533 + RESERVED +CVE-2015-2532 + RESERVED +CVE-2015-2531 + RESERVED +CVE-2015-2530 + RESERVED +CVE-2015-2529 + RESERVED +CVE-2015-2528 + RESERVED +CVE-2015-2527 + RESERVED +CVE-2015-2526 + RESERVED +CVE-2015-2525 + RESERVED +CVE-2015-2524 + RESERVED +CVE-2015-2523 + RESERVED +CVE-2015-2522 + RESERVED +CVE-2015-2521 + RESERVED +CVE-2015-2520 + RESERVED +CVE-2015-2519 + RESERVED +CVE-2015-2518 + RESERVED +CVE-2015-2517 + RESERVED +CVE-2015-2516 + RESERVED +CVE-2015-2515 + RESERVED +CVE-2015-2514 + RESERVED +CVE-2015-2513 + RESERVED +CVE-2015-2512 + RESERVED +CVE-2015-2511 + RESERVED +CVE-2015-2510 + RESERVED +CVE-2015-2509 + RESERVED +CVE-2015-2508 + RESERVED +CVE-2015-2507 + RESERVED +CVE-2015-2506 + RESERVED +CVE-2015-2505 + RESERVED +CVE-2015-2504 + RESERVED +CVE-2015-2503 + RESERVED +CVE-2015-2502 + RESERVED +CVE-2015-2501 + RESERVED +CVE-2015-2500 + RESERVED +CVE-2015-2499 + RESERVED +CVE-2015-2498 + RESERVED +CVE-2015-2497 + RESERVED +CVE-2015-2496 + RESERVED +CVE-2015-2495 + RESERVED +CVE-2015-2494 + RESERVED +CVE-2015-2493 + RESERVED +CVE-2015-2492 + RESERVED +CVE-2015-2491 + RESERVED +CVE-2015-2490 + RESERVED +CVE-2015-2489 + RESERVED +CVE-2015-2488 + RESERVED +CVE-2015-2487 + RESERVED +CVE-2015-2486 + RESERVED +CVE-2015-2485 + RESERVED 
+CVE-2015-2484 + RESERVED +CVE-2015-2483 + RESERVED +CVE-2015-2482 + RESERVED +CVE-2015-2481 + RESERVED +CVE-2015-2480 + RESERVED +CVE-2015-2479 + RESERVED +CVE-2015-2478 + RESERVED +CVE-2015-2477 + RESERVED +CVE-2015-2476 + RESERVED +CVE-2015-2475 + RESERVED +CVE-2015-2474 + RESERVED +CVE-2015-2473 + RESERVED +CVE-2015-2472 + RESERVED +CVE-2015-2471 + RESERVED +CVE-2015-2470 + RESERVED +CVE-2015-2469 + RESERVED +CVE-2015-2468 + RESERVED +CVE-2015-2467 + RESERVED +CVE-2015-2466 + RESERVED +CVE-2015-2465 + RESERVED +CVE-2015-2464 + RESERVED +CVE-2015-2463 + RESERVED +CVE-2015-2462 + RESERVED +CVE-2015-2461 + RESERVED +CVE-2015-2460 + RESERVED +CVE-2015-2459 + RESERVED +CVE-2015-2458 + RESERVED +CVE-2015-2457 + RESERVED +CVE-2015-2456 + RESERVED +CVE-2015-2455 + RESERVED +CVE-2015-2454 + RESERVED +CVE-2015-2453 + RESERVED +CVE-2015-2452 + RESERVED +CVE-2015-2451 + RESERVED +CVE-2015-2450 + RESERVED +CVE-2015-2449 + RESERVED +CVE-2015-2448 + RESERVED +CVE-2015-2447 + RESERVED +CVE-2015-2446 + RESERVED +CVE-2015-2445 + RESERVED +CVE-2015-2444 + RESERVED +CVE-2015-2443 + RESERVED +CVE-2015-2442 + RESERVED +CVE-2015-2441 + RESERVED +CVE-2015-2440 + RESERVED +CVE-2015-2439 + RESERVED +CVE-2015-2438 + RESERVED +CVE-2015-2437 + RESERVED +CVE-2015-2436 + RESERVED +CVE-2015-2435 + RESERVED +CVE-2015-2434 + RESERVED +CVE-2015-2433 + RESERVED +CVE-2015-2432 + RESERVED +CVE-2015-2431 + RESERVED +CVE-2015-2430 + RESERVED +CVE-2015-2429 + RESERVED +CVE-2015-2428 + RESERVED +CVE-2015-2427 + RESERVED +CVE-2015-2426 + RESERVED +CVE-2015-2425 + RESERVED +CVE-2015-2424 + RESERVED +CVE-2015-2423 + RESERVED +CVE-2015-2422 + RESERVED +CVE-2015-2421 + RESERVED +CVE-2015-2420 + RESERVED +CVE-2015-2419 + RESERVED +CVE-2015-2418 + RESERVED +CVE-2015-2417 + RESERVED +CVE-2015-2416 + RESERVED +CVE-2015-2415 + RESERVED +CVE-2015-2414 + RESERVED +CVE-2015-2413 + RESERVED +CVE-2015-2412 + RESERVED +CVE-2015-2411 + RESERVED +CVE-2015-2410 + RESERVED +CVE-2015-2409 + RESERVED +CVE-2015-2408 + 
RESERVED +CVE-2015-2407 + RESERVED +CVE-2015-2406 + RESERVED +CVE-2015-2405 + RESERVED +CVE-2015-2404 + RESERVED +CVE-2015-2403 + RESERVED +CVE-2015-2402 + RESERVED +CVE-2015-2401 + RESERVED +CVE-2015-2400 + RESERVED +CVE-2015-2399 + RESERVED +CVE-2015-2398 + RESERVED +CVE-2015-2397 + RESERVED +CVE-2015-2396 + RESERVED +CVE-2015-2395 + RESERVED +CVE-2015-2394 + RESERVED +CVE-2015-2393 + RESERVED +CVE-2015-2392 + RESERVED +CVE-2015-2391 + RESERVED +CVE-2015-2390 + RESERVED +CVE-2015-2389 + RESERVED +CVE-2015-2388 + RESERVED +CVE-2015-2387 + RESERVED +CVE-2015-2386 + RESERVED +CVE-2015-2385 + RESERVED +CVE-2015-2384 + RESERVED +CVE-2015-2383 + RESERVED +CVE-2015-2382 + RESERVED +CVE-2015-2381 + RESERVED +CVE-2015-2380 + RESERVED +CVE-2015-2379 + RESERVED +CVE-2015-2378 + RESERVED +CVE-2015-2377 + RESERVED +CVE-2015-2376 + RESERVED +CVE-2015-2375 + RESERVED +CVE-2015-2374 + RESERVED +CVE-2015-2373 + RESERVED +CVE-2015-2372 + RESERVED +CVE-2015-2371 + RESERVED +CVE-2015-2370 + RESERVED +CVE-2015-2369 + RESERVED +CVE-2015-2368 + RESERVED +CVE-2015-2367 + RESERVED +CVE-2015-2366 + RESERVED +CVE-2015-2365 + RESERVED +CVE-2015-2364 + RESERVED +CVE-2015-2363 + RESERVED +CVE-2015-2362 + RESERVED +CVE-2015-2361 + RESERVED +CVE-2015-2360 + RESERVED +CVE-2015-2359 + RESERVED +CVE-2015-2358 + RESERVED +CVE-2015-2357 + RESERVED +CVE-2015-2356 + RESERVED +CVE-2015-2355 + RESERVED +CVE-2015-2354 + RESERVED +CVE-2015-2353 + RESERVED +CVE-2015-2352 (The cache handler in MyBB (aka MyBulletinBoard) before 1.8.4 does not ...) + TODO: check +CVE-2015-2351 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms ...) + TODO: check +CVE-2015-2350 (Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS ...) + TODO: check +CVE-2015-2349 (Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in ...) 
+ TODO: check +CVE-2014-9708 + RESERVED +CVE-2014-9707 + RESERVED CVE-2015-XXXX [btrfs: non-atomic xattr replace operation] - linux <unfixed> - linux-2.6 <removed> @@ -47,6 +695,7 @@ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/20/12 TODO: check affected versions CVE-2014-9706 [dulwich: does not reject commits with invalid paths] + RESERVED - dulwich <unfixed> (bug #780989) NOTE: Patch: https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176 NOTE: http://www.openwall.com/lists/oss-security/2015/03/21/1 @@ -85,6 +734,7 @@ CVE-2015-2332 (Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka ...) TODO: check CVE-2015-2559 [SA-CORE-2015-001: Access bypass] + RESERVED {DSA-3200-1} - drupal7 7.32-1+deb8u2 (bug #780772) - drupal6 <removed> @@ -139,6 +789,7 @@ CVE-2015-XXXX [permissive file access allowed from nasal] - flightgear 3.0.0-5 (bug #780712) CVE-2015-2666 [execution in the early microcode loader] + RESERVED - linux <unfixed> [wheezy] - linux <not-affected> (Introduced in 3.9) - linux-2.6 <not-affected> (Introduced in 3.9) @@ -149,6 +800,7 @@ - shibboleth-sp2 <unfixed> NOTE: http://shibboleth.net/community/advisories/secadv_20150319.txt CVE-2015-2672 [unprivileged denial-of-service due to mis-protected xsave/xrstor instructions] + RESERVED - linux <not-affected> - linux-2.6 <not-affected> NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f31a9f7c71691569359fa7fb8b0acaa44bce0324 (v3.17-rc1) @@ -334,6 +986,7 @@ CVE-2010-5322 (Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier ...) TODO: check CVE-2015-2674 [Doesn't Validate TLS] + RESERVED - python-restkit <unfixed> [jessie] - python-restkit <no-dsa> (Minor issue) [wheezy] - python-restkit <no-dsa> (Minor issue) 
@@ -344,8 +997,8 @@ RESERVED CVE-2015-2282 RESERVED -CVE-2015-2281 - RESERVED +CVE-2015-2281 (Stack-based buffer overflow in collectoragent.exe in Fortinet Single ...) + TODO: check CVE-2015-2280 RESERVED CVE-2015-2279 @@ -590,6 +1243,7 @@ CVE-2015-2193 RESERVED CVE-2015-2675 [Invalid pointer dereference in the GNOME librest library] + RESERVED - librest 0.7.92-3 (bug #780101) [wheezy] - librest <not-affected> (rest_proxy_call_get_url not yet used) [squeeze] - librest <not-affected> (rest_proxy_call_get_url not yet used) @@ -1529,18 +2183,15 @@ NOTE: only mentions that the issue does affect the Linux NOTE: kernel packages as shipped with Red Hat Enterprise NOTE: Linux 5, 6, and 7, and Red Hat Enterprise MRG 2. -CVE-2015-1804 [bdfReadCharacters: ensure metrics fit into xCharInfo struct] - RESERVED +CVE-2015-1804 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...) {DSA-3194-1} - libxfont 1:1.5.1-1 NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html -CVE-2015-1803 [bdfReadCharacters: bailout if a char's bitmap cannot be read] - RESERVED +CVE-2015-1803 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...) {DSA-3194-1} - libxfont 1:1.5.1-1 NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html -CVE-2015-1802 [bdfReadProperties: property count needs range check] - RESERVED +CVE-2015-1802 (The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont ...) {DSA-3194-1} - libxfont 1:1.5.1-1 NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html @@ -1576,8 +2227,7 @@ RESERVED CVE-2015-1788 RESERVED -CVE-2015-1787 - RESERVED +CVE-2015-1787 (The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL ...) - openssl <not-affected> (Only affects 1.0.2, only in experimental) CVE-2015-1786 RESERVED 
@@ -4250,8 +4900,8 @@ RESERVED CVE-2015-0942 RESERVED -CVE-2015-0941 - RESERVED +CVE-2015-0941 (The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as ...) + TODO: check CVE-2015-0940 RESERVED CVE-2015-0939 @@ -4607,8 +5257,8 @@ RESERVED CVE-2015-0899 RESERVED -CVE-2015-0898 - RESERVED +CVE-2015-0898 (futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows ...) + TODO: check CVE-2015-0897 RESERVED CVE-2015-0896 (Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer ...) @@ -5131,14 +5781,14 @@ RESERVED CVE-2015-0672 RESERVED -CVE-2015-0671 - RESERVED -CVE-2015-0670 - RESERVED -CVE-2015-0669 - RESERVED -CVE-2015-0668 - RESERVED +CVE-2015-0671 (The DNS implementation in Cisco Videoscape Distribution Suite for ...) + TODO: check +CVE-2015-0670 (The default configuration of Cisco Small Business IP phones SPA 300 ...) + TODO: check +CVE-2015-0669 (The Autonomic Networking Infrastructure (ANI) implementation in Cisco ...) + TODO: check +CVE-2015-0668 (Cross-site scripting (XSS) vulnerability in the administration portal ...) + TODO: check CVE-2015-0667 (The Management Interface on Cisco Content Services Switch (CSS) 11500 ...) NOT-FOR-US: Cisco CVE-2015-0666 
@@ -7917,40 +8567,31 @@ [experimental] - gnutls28 3.3.13-1 - gnutls28 3.3.8-6 (bug #779428) NOTE: https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff (gnutls_3_3_13) -CVE-2015-0293 - RESERVED +CVE-2015-0293 (The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ...) {DLA-177-1} - openssl 1.0.0c-2 NOTE: 1.0.0c-2 dropped SSLv2 support -CVE-2015-0292 - RESERVED +CVE-2015-0292 (Integer underflow in the EVP_DecodeUpdate function in ...) {DSA-3197-1 DLA-177-1} - openssl 1.0.1h-1 -CVE-2015-0291 - RESERVED +CVE-2015-0291 (The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a ...) - openssl <not-affected> (Only affects 1.0.2, only in experimental) -CVE-2015-0290 - RESERVED +CVE-2015-0290 (The multi-block feature in the ssl3_write_bytes function in s3_pkt.c ...) - openssl <not-affected> (Only affects 1.0.2, only in experimental) -CVE-2015-0289 - RESERVED +CVE-2015-0289 (The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before ...) {DSA-3197-1 DLA-177-1} - openssl 1.0.1k-2 -CVE-2015-0288 - RESERVED +CVE-2015-0288 (The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL ...) {DSA-3197-1 DLA-177-1} - openssl 1.0.1k-2 NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 -CVE-2015-0287 - RESERVED +CVE-2015-0287 (The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL ...) {DSA-3197-1 DLA-177-1} - openssl 1.0.1k-2 -CVE-2015-0286 - RESERVED +CVE-2015-0286 (The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before ...) {DSA-3197-1 DLA-177-1} - openssl 1.0.1k-2 -CVE-2015-0285 - RESERVED +CVE-2015-0285 (The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before ...) - openssl <not-affected> (Only affects 1.0.2, only in experimental) NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e1b568dd2462f7cacf98f3d117936c34e2849a6b CVE-2015-0284 
@@ -8246,16 +8887,13 @@ RESERVED NOTE: likely to be REJECTed NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0210 -CVE-2015-0209 - RESERVED +CVE-2015-0209 (Use-after-free vulnerability in the d2i_ECPrivateKey function in ...) {DSA-3197-1 DLA-177-1} - openssl 1.0.1k-2 NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a -CVE-2015-0208 - RESERVED +CVE-2015-0208 (The ASN.1 signature-verification implementation in the rsa_item_verify ...) - openssl <not-affected> (Only affects 1.0.2, only in experimental) -CVE-2015-0207 - RESERVED +CVE-2015-0207 (The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a ...) - openssl <not-affected> (Only affects 1.0.2, only in experimental) CVE-2015-0206 (Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL ...) {DSA-3125-1} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
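Review bot: In the hunk at @@ -1,3 +1,651 @@, the seven entries that arrive with a description (CVE-2015-2564, CVE-2015-2563, CVE-2015-2562, CVE-2015-2352, CVE-2015-2351, CVE-2015-2350 and CVE-2015-2349) carry only "TODO: check" and sit scattered among several hundred RESERVED placeholders, so they are easy to overlook. Each needs a follow-up commit that replaces the TODO with either a package status line or a NOT-FOR-US marker, in the style the rest of the file already uses.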
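Review bot: In the hunk at @@ -1529,18 +2183,15 @@, CVE-2015-1804 and CVE-2015-1803 end up with the same truncated description, "The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...", because the removed bracketed titles were the only text that told them apart ("ensure metrics fit into xCharInfo struct" versus "bailout if a char's bitmap cannot be read"). Consider preserving that detail in a NOTE: line under each entry so the two issues stay distinguishable in the list. The same applies to the "property count needs range check" title dropped from CVE-2015-1802.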
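Review bot: In the hunk at @@ -5131,14 +5781,14 @@, CVE-2015-0671 through CVE-2015-0668 are added with "TODO: check" even though three of the four descriptions name Cisco products and the unchanged context line directly below tags CVE-2015-0667 as "NOT-FOR-US: Cisco". If triage confirms these are Cisco products not packaged in Debian, they should get the same marker rather than staying in the TODO queue. CVE-2015-0668 needs its full description read first, since the truncated text does not name the vendor.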