[Secure-testing-commits] r41388 - data/CVE

Tue, 03 May 2016 10:16:47 -0700 

Author: kroeckx
Date: 2016-05-03 17:15:23 +0000 (Tue, 03 May 2016)
New Revision: 41388

Modified:
   data/CVE/list
Log:
Add openssl fixed version for unstable.


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-05-03 17:07:30 UTC (rev 41387)
+++ data/CVE/list       2016-05-03 17:15:23 UTC (rev 41388)
@@ -6302,6 +6302,7 @@
 CVE-2016-2176 [EBCDIC overread]
        RESERVED
        - openssl <not-affected> (Only affects EBCDIC systems)
+       - openssl 1.0.2h-1
        NOTE: Fixed in master in 
https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8ff032df3219
        NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2175
@@ -6500,7 +6501,7 @@
        NOTE: https://www.samba.org/samba/security/CVE-2016-2110.html
 CVE-2016-2109 [ASN.1 BIO excessive memory allocation]
        RESERVED
-       - openssl <unfixed> (low)
+       - openssl 1.0.2h-1
        NOTE: Fixed in master in 
https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807
        NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2108 [Memory corruption in the ASN.1 encoder]
@@ -6509,16 +6510,16 @@
        NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2107 [Padding oracle in AES-NI CBC MAC check]
        RESERVED
-       - openssl <unfixed>
+       - openssl 1.0.2h-1
        NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2106 [EVP_EncryptUpdate overflow]
        RESERVED
-       - openssl <unfixed> (low)
+       - openssl 1.0.2h-1
        NOTE: Fixed in master in 
https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26
        NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2105 [EVP_EncodeUpdate overflow]
        RESERVED
-       - openssl <unfixed> (low)
+       - openssl 1.0.2h-1
        NOTE: Fixed in master in 
https://git.openssl.org/?p=openssl.git;a=commit;h=ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920
        NOTE: https://www.openssl.org/news/secadv/20160503.txt
 CVE-2016-2104


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to