Author: gilbert-guest
Date: 2009-05-11 01:01:39 +0000 (Mon, 11 May 2009)
New Revision: 11869
Modified:
data/CVE/list
Log:
etch/lenny not-affected by opensc issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-05-10 21:14:13 UTC (rev 11868)
+++ data/CVE/list 2009-05-11 01:01:39 UTC (rev 11869)
@@ -37,6 +37,9 @@
- system-tools-backends <unfixed> (low; bug #527952)
CVE-2009-XXXX [opensc: insecure due to wrong public exponent]
- opensc 0.11.8 (high; bug #527640)
+ [etch] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
+ [lenny] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
+ NOTE: checked code, public exponent set correctly in etch/lenny versions
(CK_BYTE publicExponent[] = { 3 };)
CVE-2009-1581
RESERVED
CVE-2009-1580