[Secure-testing-commits] r38646 - data/CVE

Salvatore Bonaccorso Sat, 02 Jan 2016 08:20:06 -0800

Author: carnil
Date: 2016-01-02 16:19:08 +0000 (Sat, 02 Jan 2016)
New Revision: 38646


Modified:
   data/CVE/list
Log:
Add bug reference for CVE-2015-8559 and mark as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-01-02 15:50:07 UTC (rev 38645)
+++ data/CVE/list       2016-01-02 16:19:08 UTC (rev 38646)
@@ -1686,7 +1686,9 @@
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
 CVE-2015-8559 [knife bootstrap leaks validator privkey into system logs]
        RESERVED
-       - chef <unfixed>
+       - chef <unfixed> (bug #809670)
+       [jessie] - chef <no-dsa> (Minor issue; workaround using validatorless 
bootstrapping)
+       [wheezy] - chef <no-dsa> (Minor issue; workaround using validatorless 
bootstrapping)
        NOTE: https://github.com/chef/chef/issues/3871
        NOTE: http://www.openwall.com/lists/oss-security/2015/12/14/10
        NOTE: Workaround: use validatorless bootstrapping


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r38646 - data/CVE

Reply via email to