[Secure-testing-commits] r55876 - data/CVE

Salvatore Bonaccorso Mon, 18 Sep 2017 07:59:10 -0700

Author: carnil
Date: 2017-09-18 14:58:52 +0000 (Mon, 18 Sep 2017)
New Revision: 55876


Modified:
   data/CVE/list
Log:
Add CVE-2017-0380/tor

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-09-18 14:36:09 UTC (rev 55875)
+++ data/CVE/list       2017-09-18 14:58:52 UTC (rev 55876)
@@ -40332,8 +40332,12 @@
        {DSA-3731-1}
        - chromium-browser 55.0.2883.75-1
        [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
-CVE-2017-0380
+CVE-2017-0380 [Stack disclosure in hidden services logs when SafeLogging 
disabled]
        RESERVED
+       - tor <unfixed>
+       [jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
+       [wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
+       NOTE: https://trac.torproject.org/projects/tor/ticket/23490
 CVE-2017-0379 (Libgcrypt before 1.8.1 does not properly consider Curve25519 
...)
        {DSA-3959-1}
        - libgcrypt20 1.7.9-1 (bug #873383)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r55876 - data/CVE

Reply via email to