[Secure-testing-commits] r35564 - data/CVE

Sat, 18 Jul 2015 23:58:38 -0700 

Author: carnil
Date: 2015-07-19 06:57:57 +0000 (Sun, 19 Jul 2015)
New Revision: 35564

Modified:
   data/CVE/list
Log:
Update for wolfssl entries, but add a NOTE

Actually fixed with the "initial" upload to unstable after the rename by
upstream.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-07-18 22:10:10 UTC (rev 35563)
+++ data/CVE/list       2015-07-19 06:57:57 UTC (rev 35564)
@@ -22516,7 +22516,8 @@
        NOT-FOR-US: WordPress plugin Huge-IT Image Gallery
 CVE-2014-XXXX [cyassl: RSA Padding check vulnerability]
        - cyassl <unfixed>
-       - wolfssl <undetermined>
+       - wolfssl 3.4.8+dfsg-1
+       NOTE: wolfssl actually fixed with the initial upload to unstable after 
the rename
        NOTE: 
http://www.yassl.com/yaSSL/Blog/Entries/2014/9/12_CyaSSL_3.2.0_Released.html
        NOTE: http://www.intelsecurity.com/advanced-threat-research/#
        NOTE: similar to CVE-2014-1568 in nss
@@ -31248,7 +31249,8 @@
        [squeeze] - chromium-browser <end-of-life>
        - conkeror <unfixed> (unimportant)
        - cyassl <unfixed> (bug #769905)
-       - wolfssl <undetermined>
+       - wolfssl 3.4.8+dfsg-1
+       NOTE: wolfssl actually fixed with the initial upload to unstable after 
the rename
        - dwb <unfixed> (unimportant)
        - openssl 1.0.1j-1
        [wheezy] - openssl <no-dsa> (Will be addressed through a point update, 
#774299)
@@ -33270,21 +33272,25 @@
        RESERVED
        - cyassl <unfixed> (bug #770229)
        - wolfssl 3.4.8+dfsg-1 (bug #792646)
+       NOTE: wolfssl actually fixed with the initial upload to unstable after 
the rename
        NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2903
        RESERVED
        - cyassl <unfixed> (bug #770229)
        - wolfssl 3.4.8+dfsg-1 (bug #792646)
+       NOTE: wolfssl actually fixed with the initial upload to unstable after 
the rename
        NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2902
        RESERVED
        - cyassl <unfixed> (bug #770229)
        - wolfssl 3.4.8+dfsg-1 (bug #792646)
+       NOTE: wolfssl actually fixed with the initial upload to unstable after 
the rename
        NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2901
        RESERVED
        - cyassl <unfixed> (bug #770229)
        - wolfssl 3.4.8+dfsg-1 (bug #792646)
+       NOTE: wolfssl actually fixed with the initial upload to unstable after 
the rename
        NOTE: according to maintainer addressed in 3.2.0 upstream
 CVE-2014-2900 (wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 
...)
        - cyassl 2.9.4+dfsg-1


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to