Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1117e724 by Salvatore Bonaccorso at 2019-02-26T16:33:05Z
Add hardening commit reference for CVE-2019-1559 and OpenSSL_1_1_0-stable branch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19883,6 +19883,10 @@ CVE-2019-1559 [0-byte record padding oracle]
- openssl1.0 <unfixed>
NOTE: OpenSSL_1_0_2-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
NOTE: OpenSSL_1_0_2-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h=48c8bcf5bca0ce7751f49599381e143de1b61786
+ NOTE: OpenSSL_1_1_0-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h=5741d5bb74797e4532acc9f42e54c44a2726c179
(only hardening)
+ NOTE: 1.1.0 is not impacted by CVE-2019-1559. The CVE is a result of
applications
+ NOTE: calling SSL_shutdown after a fatal alert has occurred. 1.1.0 is
not vulnerable
+ NOTE: to this issue.
NOTE: https://www.openssl.org/news/secadv/20190226.txt
CVE-2019-1558
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1117e72456a0e7a8b89910aa03134bae8d8a8886
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1117e72456a0e7a8b89910aa03134bae8d8a8886
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
