Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
839b69a5 by Salvatore Bonaccorso at 2020-09-26T09:05:36+02:00
Update information on CVE-2020-1968
The fixed DH ciphersuites were removed thus in 1.1.0~pre2 already
upstream. Track down the unstable version which first contained that
change and reshuffle the comments.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -58675,12 +58675,12 @@ CVE-2020-1970
CVE-2020-1969
RESERVED
CVE-2020-1968 (The Raccoon attack exploits a flaw in the TLS specification
which can ...)
- - openssl 1.1.1~~pre9-1
- [stretch] - openssl <not-affected> (Affected ciphers removed in
upstream commit bc71f91, included in 1.1.0-pre2)
+ - openssl 1.1.0c-1
- openssl1.0 <removed>
- NOTE: Marking the first openssl 1.1.1 version in unstable as the fixed
version in sid
NOTE: https://www.openssl.org/news/secadv/20200909.txt
NOTE: https://raccoon-attack.com/
+ NOTE: Fixed DH ciphersuites removed upstream in 1.1.0~pre2:
+ NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb
(OpenSSL_1_1_0-pre2)
CVE-2020-1967 (Server or client applications that call the SSL_check_chain()
function ...)
{DSA-4661-1}
- openssl 1.1.1g-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/839b69a545324c10daf95ba9062fa2a191963850
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/839b69a545324c10daf95ba9062fa2a191963850
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
