Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8c69e49d by Salvatore Bonaccorso at 2018-07-28T11:02:45Z Add CVE-2018-049{7,8}/mbedtls: #904821 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -39388,10 +39388,16 @@ CVE-2018-0499 (A cross-site scripting vulnerability in ...) [stretch] - xapian-core 1.4.3-2+deb9u1 [jessie] - xapian-core <not-affected> (vulnerable code not present) NOTE: https://lists.xapian.org/pipermail/xapian-discuss/2018-July/009652.html -CVE-2018-0498 +CVE-2018-0498 [Plaintext recovery on use of CBC based ciphersuites through a cache based side-channel] RESERVED -CVE-2018-0497 + - mbedtls <unfixed> (bug #904821) + - polarssl <removed> + NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02 +CVE-2018-0497 [Remote plaintext recovery on use of CBC based ciphersuites through a timing side-channel] RESERVED + - mbedtls <unfixed> (bug #904821) + - polarssl <removed> + NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02 CVE-2018-0496 (Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 ...) - freedink-dfarc 3.14-1 [stretch] - freedink-dfarc 3.12-1+deb9u1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c69e49d3db244d1000f425d07103636eeefedd6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c69e49d3db244d1000f425d07103636eeefedd6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits