[Secure-testing-commits] r55118 - data/CVE

Salvatore Bonaccorso Sun, 27 Aug 2017 02:22:15 -0700

Author: carnil
Date: 2017-08-27 09:21:40 +0000 (Sun, 27 Aug 2017)
New Revision: 55118


Modified:
   data/CVE/list
Log:
Add CVE-2017-0379/libgcrypt20

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-26 22:50:46 UTC (rev 55117)
+++ data/CVE/list       2017-08-27 09:21:40 UTC (rev 55118)
@@ -37415,8 +37415,12 @@
        [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-0380
        RESERVED
-CVE-2017-0379
+CVE-2017-0379 [side-channel attack on Curve25519]
        RESERVED
+       - libgcrypt20 <unfixed>
+       [jessie] - libgcrypt20 <not-affected> (Vulnerable code not present, no 
Curve25519 support)
+       - libgcrypt11 <not-affected> (Vulnerable code not present, no 
Curve25519 support)
+       NOTE: 
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=da780c8183cccc8f533c8ace8211ac2cb2bdee7b
 CVE-2017-0378 (XSS exists in the login_form function in views/helpers.php in 
Phamm ...)
        - phamm <unfixed> (bug #868988)
        [stretch] - phamm <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r55118 - data/CVE

Reply via email to