Author: micah Date: 2006-02-15 17:21:54 +0000 (Wed, 15 Feb 2006) New Revision: 3493 Modified: data/CVE/list Log: Update on gnupg issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-15 16:20:52 UTC (rev 3492) +++ data/CVE/list 2006-02-15 17:21:54 UTC (rev 3493) @@ -578,8 +578,9 @@ RESERVED CVE-2006-0455 [buggy return codes in gpg''s sig verification code] RESERVED - - gnupg <unfixed> - [woody] - gnupg <not-affected> (Only gpg 1.4.x are vulnerable) + - gnupg <unfixed> (bug #353017; medium) + NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html indicates that + NOTE: *all* versions are affected because gpg --verify is also affected CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ...) - linux-2.6 2.6.15-5 [sarge] - kernel-source-2.6.8 <not-affected>