jmm-guest at alioth.debian.org
2007-Aug-15 20:27 UTC
[Secure-testing-commits] r6327 - data/CVE
Author: jmm-guest Date: 2007-08-15 20:27:13 +0000 (Wed, 15 Aug 2007) New Revision: 6327 Modified: data/CVE/list Log: openssl no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-15 20:20:47 UTC (rev 6326) +++ data/CVE/list 2007-08-15 20:27:13 UTC (rev 6327) @@ -2824,6 +2824,8 @@ NOT-FOR-US: Microsoft FrontPage CVE-2007-3108 (The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL ...) - openssl 0.9.8e-6 (bug #438142; low) + [sarge] - openssl <no-dsa> (Not exploitable in a real-world scenario) + [etch] - openssl <no-dsa> (Not exploitable in a real-world scenario) CVE-2007-3107 (The signal handling in the Linux kernel 2.6.2 and later, when run on ...) - linux-2.6 <unfixed> (unimportant) NOTE: Not reproducibly reliably by an attacker, mostly a bug