Author: carnil Date: 2015-03-23 21:05:19 +0000 (Mon, 23 Mar 2015) New Revision: 33094
Modified: data/CVE/list Log: Add two tor issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-03-23 21:03:00 UTC (rev 33093) +++ data/CVE/list 2015-03-23 21:05:19 UTC (rev 33094) @@ -1,3 +1,16 @@ +CVE-2015-XXXX [Assertion failure in dns.c, possibly connected to UDP DoS attack] + - tor 0.2.5.11-1 + [wheezy] - tor 0.2.4.26-1 + [squeeze] - tor 0.2.4.26-1~deb6u1 + NOTE: https://bugs.torproject.org/14129 + NOTE: No CVE requested yet +CVE-2015-XXXX [relay could crash with an assertion] + - tor 0.2.5.11-1 + [wheezy] - tor 0.2.4.26-1 + [squeeze] - tor 0.2.4.26-1~deb6u1 + NOTE: added workaround, add to data/D[L|S]A/list + NOTE: https://trac.torproject.org/projects/tor/ticket/15083 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/23/17 CVE-2015-XXXX [sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer] - linux <not-affected> (Introduced in 3.19, never uploaded to unstable) - linux-2.6 <not-affected> (Introduced in 3.19, never uploaded to unstable) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
