Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9f546d4a by Salvatore Bonaccorso at 2018-02-13T06:53:42+01:00
Add CVE-2018-048{7,8}/mbedtls: #890287, #890288

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17420,10 +17420,14 @@ CVE-2018-0490
        RESERVED
 CVE-2018-0489
        RESERVED
-CVE-2018-0488
+CVE-2018-0488 [Risk of remote code execution when truncated HMAC is enabled]
        RESERVED
-CVE-2018-0487
+       - mbedtls <unfixed> (bug #890287)
+       NOTE: 
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
+CVE-2018-0487 [Risk of remote code execution when verifying RSASSA-PSS 
signatures]
        RESERVED
+       - mbedtls <unfixed> (bug #890288)
+       NOTE: 
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
 CVE-2018-0486 (Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth 
Service ...)
        {DSA-4085-1 DLA-1242-1}
        - xmltooling 1.6.3-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9f546d4a35cc11555f5f98bffcba2021fe175c77

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9f546d4a35cc11555f5f98bffcba2021fe175c77
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to