[Secure-testing-commits] r39223 - data/CVE

David Prévot Tue, 26 Jan 2016 20:32:46 -0800

Author: taffit
Date: 2016-01-27 04:32:20 +0000 (Wed, 27 Jan 2016)
New Revision: 39223


Modified:
   data/CVE/list
Log:
Document CVE-2016-1902/symfony fixed in 2.7.9+dfsg-1

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-01-27 04:26:56 UTC (rev 39222)
+++ data/CVE/list       2016-01-27 04:32:20 UTC (rev 39223)
@@ -513,8 +513,11 @@
 CVE-2016-1919 [Weak eCryptFS Key generation from user password on KNOX 1.0 / 
Android 4.3]
        RESERVED
        NOT-FOR-US: KNOX 1.0 / Android 4.3
-CVE-2016-1902
+CVE-2016-1902 [SecureRandom's fallback not secure when OpenSSL fails]
        RESERVED
+       - symfony 2.7.9+dfsg-1
+       NOTE: 
http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
+       NOTE: https://github.com/symfony/symfony/pull/17359
 CVE-2016-1906 [Kubernetes api server: build config to a strategy that isn't 
allowed by policy]
        RESERVED
        - kubernetes <itp> (bug #795652)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39223 - data/CVE

Reply via email to