Bug#961422: [Pkg-erlang-devel] Bug#961422: yaws: CVE-2020-12872

Hi Sergei! [Cc'in security team alias] On Sun, May 24, 2020 at 08:05:23PM +0300, Sergei Golovan wrote: > Hi Salvatore, > > On Sun, May 24, 2020 at 4:09 PM Salvatore Bonaccorso > wrote: > > > > The following vulnerability was published for yaws. > > > > CVE-2020-12872[0]: > > | yaws_config.erl

Bug#961422: [Pkg-erlang-devel] Bug#961422: yaws: CVE-2020-12872

Hi Salvatore, On Sun, May 24, 2020 at 4:09 PM Salvatore Bonaccorso wrote: > > The following vulnerability was published for yaws. > > CVE-2020-12872[0]: > | yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS > | ciphers, as demonstrated by ones that allow Sweet32 attacks. >