[Secure-testing-commits] r36914 - data/CVE

Raphaël Hertzog Wed, 30 Sep 2015 05:56:48 -0700

Author: hertzog
Date: 2015-09-30 12:55:48 +0000 (Wed, 30 Sep 2015)
New Revision: 36914


Modified:
   data/CVE/list
Log:
Add possible commit fixing the bouncycastle ecc leak

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-09-30 11:03:20 UTC (rev 36913)
+++ data/CVE/list       2015-09-30 12:55:48 UTC (rev 36914)
@@ -972,7 +972,7 @@
        - bouncycastle <unfixed>
        [experimental] - bouncycastle 1.51-1
        NOTE: 
http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
-       NOTE: 2015-09-28: Mail sent to upstream authors to ask for commits to 
backport. --Raphael Hertzog
+       NOTE: 2015-09-28: Mail sent to upstream authors to ask for commits to 
backport (possibly https://github.com/bcgit/bc-java/commit/5cb2f05). --Raphael 
Hertzog
 CVE-2015-6939 (Cross-site scripting (XSS) vulnerability in the login module in 
...)
        NOT-FOR-US: Joomla
 CVE-2015-6936


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r36914 - data/CVE

Reply via email to