thijs at alioth.debian.org
2008-May-13 12:29 UTC
[Secure-testing-commits] r8796 - in data: CVE DSA
Author: thijs
Date: 2008-05-13 12:29:25 +0000 (Tue, 13 May 2008)
New Revision: 8796
Modified:
data/CVE/list
data/DSA/list
Log:
DSA 1571 unembargoed
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-05-13 12:06:21 UTC (rev 8795)
+++ data/CVE/list 2008-05-13 12:29:25 UTC (rev 8796)
@@ -4601,8 +4601,10 @@
RESERVED
CVE-2008-0167
RESERVED
-CVE-2008-0166
+CVE-2008-0166 [openssl predictable random number generator]
RESERVED
+ - openssl 0.9.8g-9
+ NOTE: http://www.debian.org/security/key-rollover/
CVE-2008-0165 (Cross-site request forgery (CSRF) vulnerability in Ikiwiki
before 2.42 ...)
{DSA-1553-1}
- ikiwiki 2.42
Modified: data/DSA/list
==================================================================---
data/DSA/list 2008-05-13 12:06:21 UTC (rev 8795)
+++ data/DSA/list 2008-05-13 12:29:25 UTC (rev 8796)
@@ -10,6 +10,9 @@
[11 May 2008] DSA-1572-1 php5 - several vulnerabilities
{CVE-2007-3806 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051}
[etch] - php5 5.2.0-8+etch11
+[13 May 2008] DSA-1571-1 openssl - predictable random number generator
+ {CVE-2007-3108 CVE-2007-4995 CVE-2008-0166}
+ [etch] - openssl 0.9.8c-4etch3
[06 May 2008] DSA-1570-1 kazehakase - execution of arbitrary code
{CVE-2006-7227 CVE-2006-7228 CVE-2006-7230 CVE-2007-1659 CVE-2007-1660
CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768}
[etch] - kazehakase 0.4.2-1etch1