Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0f25376b by Salvatore Bonaccorso at 2018-04-21T09:00:45+02:00
tor: replace github repository refereces with offcial repository
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -77622,7 +77622,7 @@ CVE-2017-0380 (The rend_service_intro_established
function in or/rendservice.c i
[jessie] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
[wheezy] - tor <not-affected> (Issue introduced in 0.2.7.2-alpha)
NOTE: https://trac.torproject.org/projects/tor/ticket/23490
- NOTE:
https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd486
+ NOTE:
https://gitweb.torproject.org/tor.git/commit/?id=09ea89764a4d3a907808ed7d4fe42abfe64bd486
CVE-2017-0379 (Libgcrypt before 1.8.1 does not properly consider Curve25519
...)
{DSA-3959-1}
- libgcrypt20 1.7.9-1 (bug #873383)
@@ -77645,12 +77645,12 @@ CVE-2017-0376 (The hidden-service feature in Tor
before 0.3.0.8 allows a denial
{DSA-3877-1 DLA-982-1}
- tor 0.2.9.11-1 (bug #864424)
NOTE: https://trac.torproject.org/22494
- NOTE: Fixed by:
https://github.com/torproject/tor/commit/56a7c5bc15e0447203a491c1ee37de9939ad1dcd
+ NOTE: Fixed by:
https://gitweb.torproject.org/tor.git/commit/?id=56a7c5bc15e0447203a491c1ee37de9939ad1dcd
NOTE: Introduced in 0.2.2.1-alpha; fixed in 0.2.4.29, 0.2.5.14,
0.2.6.12, 0.2.7.8, 0.2.8.14, 0.2.9.11 0.3.0.8, 0.3.1.3-alpha
CVE-2017-0375 (The hidden-service feature in Tor before 0.3.0.8 allows a
denial of ...)
- tor <not-affected> (Introduced in 0.3.0.1-alpha)
NOTE: https://trac.torproject.org/22493
- NOTE: Fixed by:
https://github.com/torproject/tor/commit/79b59a2dfcb68897ee89d98587d09e55f07e68d7
+ NOTE: Fixed by:
https://gitweb.torproject.org/tor.git/commit/?id=79b59a2dfcb68897ee89d98587d09e55f07e68d7
NOTE: Introduced in 0.3.0.1-alpha; fixed in 0.3.0.8, 0.3.1.3-alpha
CVE-2017-0374 (lib/Config/Model.pm in Config-Model (aka libconfig-model-perl)
before ...)
- libconfig-model-perl 2.097-2
@@ -81109,7 +81109,7 @@ CVE-2016-8860 (Tor before 0.2.8.9 and 0.2.9.x before
0.2.9.4-alpha had internal
- tor 0.2.8.9-1
NOTE: https://trac.torproject.org/projects/tor/ticket/20384
NOTE: https://blog.torproject.org/blog/tor-0289-released-important-fixes
- NOTE:
https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
+ NOTE:
https://gitweb.torproject.org/tor.git/commit/?id=3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/11
CVE-2016-9138 (PHP through 5.6.27 and 7.x through 7.0.12 mishandles property
...)
{DSA-3732-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0f25376bc9c8dacf6c2ce59754a42ae94ea35096
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0f25376bc9c8dacf6c2ce59754a42ae94ea35096
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
