Brian May pushed to branch master at Debian Security Tracker / security-tracker

fd006adc by Brian May at 2018-04-10T17:02:13+10:00
Annotate CVE-2018-6594

* Mark no-dsa in wheezy.
* Add comment about why this isn't being fixed upstream.

- - - - -

1 changed file:

- data/CVE/list


--- a/data/CVE/list
+++ b/data/CVE/list
@@ -8659,11 +8659,14 @@ CVE-2018-6594 (lib/Crypto/PublicKey/ in 
PyCrypto through 2.6.1 generat
        - python-crypto <unfixed> (bug #889999)
        [stretch] - python-crypto <no-dsa> (Minor issue)
        [jessie] - python-crypto <no-dsa> (Minor issue)
+       [wheezy] - python-crypto <no-dsa> (Minor issue)
        NOTE: PyCrypto:
        NOTE: The issue is found as well in pycryptodome (fork from 
        NOTE: PyCryptodome:
        NOTE: PyCrytpodome:
        NOTE: See further discussion as per
+       NOTE: Upstream feels that this is not a vulnerability in 
+       NOTE: but in an application using it in an insecure manner.
 CVE-2018-6593 (An issue was discovered in MalwareFox AntiMalware 
Improper ...)
        NOT-FOR-US: MalwareFox AntiMalware
 CVE-2018-6592 (Unisys Stealth 3.3 Windows endpoints before allow 
local ...)

View it on GitLab:

View it on GitLab:
You're receiving this email because of your account on
Secure-testing-commits mailing list

Reply via email to