Author: gilbert-guest Date: 2010-12-02 04:19:59 +0000 (Thu, 02 Dec 2010) New Revision: 15640 Modified: data/CVE/list Log: tracking minor elfsign issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-12-01 21:15:49 UTC (rev 15639) +++ data/CVE/list 2010-12-02 04:19:59 UTC (rev 15640) @@ -1,3 +1,8 @@ +CVE-2010-XXXX [elfsign uses cryptographically weak md5 hashes] + - elfsign <unfixed> (low; bug #555668) + [lenny] - elfsign <no-dsa> (a stronger hashing algorithm would completely change functionality of the package) + [squeeze] - elfsign <no-dsa> (a stronger hashing algorithm would completely change functionality of the package) + NOTE: too late to fix in squeeze release cycle, but this should be fixed for wheezy CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...) TODO: check CVE-2010-4353