Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
89762586 by Salvatore Bonaccorso at 2024-06-04T23:26:32+02:00
Update notes for CVE-2010-0928/openssl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -650400,8 +650400,9 @@ CVE-2010-XXXX [phpbb 3.0.7 permissions bypass]
CVE-2010-0928 (OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx
Virtex- ...)
- openssl <unfixed> (unimportant)
NOTE:
http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf
- NOTE: somewhat impractical right now, but the openssl developers are
working
- NOTE: on a fix just in case
+ NOTE: https://github.com/openssl/openssl/discussions/24540
+ NOTE: Fault injection based attacks are not within OpenSSLs threat
model according
+ NOTE: to the security policy:
https://www.openssl.org/policies/general/security-policy.html
CVE-2010-0926 (The default configuration of smbd in Samba before 3.3.11, 3.4.x
before ...)
- samba 2:3.4.6~dfsg-1 (low; bug #568493; bug #572953)
[lenny] - samba <no-dsa> (Minor issue, patch breaks existing behaviour,
can be fixed through configuration modifications)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/897625860eedee9c192c9e2b4667fda79c8bdb96
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/897625860eedee9c192c9e2b4667fda79c8bdb96
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
