Author: seb
Date: 2016-11-30 11:26:18 +0000 (Wed, 30 Nov 2016)
New Revision: 46658
Modified:
data/CVE/list
Log:
Mark CVE-2016-9132 (botan1.10) as no-dsa due to apparent lack of exploitability
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-30 11:24:01 UTC (rev 46657)
+++ data/CVE/list 2016-11-30 11:26:18 UTC (rev 46658)
@@ -1886,8 +1886,10 @@
CVE-2016-9132 [Integer overflow in BER decoder]
RESERVED
- botan1.10 1.10.14-1
+ [jessie] - botan1.10 <no-dsa> (Minor issue)
NOTE: Fixed in 1.10.14 and 1.11.34, all prior versions affected.
NOTE: Fixed by:
https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f
+ NOTE: Not believed to be exploitable in practice
CVE-2016-9131
RESERVED
CVE-2016-9130
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
