[Git][security-tracker-team/security-tracker][master] Add CVE-2018-0734/openssl

Tue, 30 Oct 2018 00:48:02 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d1c6c695 by Salvatore Bonaccorso at 2018-10-30T07:47:14Z
Add CVE-2018-0734/openssl

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49844,8 +49844,16 @@ CVE-2018-0735 (The OpenSSL ECDSA signature algorithm 
has been shown to be vulner
        NOTE: https://www.openssl.org/news/secadv/20181029.txt
        NOTE: OpenSSL_1_1_1-stable: 
https://git.openssl.org/?p=openssl.git;a=commit;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4
        NOTE: OpenSSL_1_1_0-stable: 
https://git.openssl.org/?p=openssl.git;a=commit;h=56fb454d281a023b3f950d969693553d3f3ceea1
-CVE-2018-0734
+CVE-2018-0734 [Timing vulnerability in DSA signature generation]
        RESERVED
+       - openssl <unfixed>
+       [stretch] - openssl <postponed> (Wait for next DSA and upstream release)
+       - openssl1.0 <unfixed>
+       [stretch] - openssl1.0 <postponed> (Wait for next DSA and upstream 
release)
+       NOTE: https://www.openssl.org/news/secadv/20181030.txt
+       NOTE: OpenSSL_1_1_1-stable: 
https://git.openssl.org/?p=openssl.git;a=commit;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f
+       NOTE: OpenSSL_1_1_0-stable: 
https://git.openssl.org/?p=openssl.git;a=commit;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7
+       NOTE: OpenSSL_1_0_2-stable: 
https://git.openssl.org/?p=openssl.git;a=commit;h=43e6a58d4991a451daf4891ff05a48735df871ac
 CVE-2018-0733 (Because of an implementation bug the PA-RISC CRYPTO_memcmp 
function is ...)
        - openssl 1.1.0h-1 (unimportant)
        [stretch] - openssl 1.1.0f-3+deb9u2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d1c6c69568d952b3c214873895b665b80a2f65ed

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d1c6c69568d952b3c214873895b665b80a2f65ed
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to