[Secure-testing-commits] r30467 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Nov 30 21:49:53 UTC 2014
Author: jmm
Date: 2014-11-30 21:49:53 +0000 (Sun, 30 Nov 2014)
New Revision: 30467
Modified:
data/CVE/list
Log:
erlang-ssl fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-30 21:27:27 UTC (rev 30466)
+++ data/CVE/list 2014-11-30 21:49:53 UTC (rev 30467)
@@ -13794,7 +13794,9 @@
- tlslite <removed>
[wheezy] - tlslite <no-dsa> (Minor issue)
- uzbl <unfixed> (unimportant)
- - erlang <unfixed> (bug #771359)
+ - erlang 1:17.3-dfsg-3 (bug #771359)
+ [squeeze] - erlang <no-dsa> (Minor issue)
+ [wheezy] - erlang <no-dsa> (Minor issue)
NOTE: https://www.openssl.org/~bodo/ssl-poodle.pdf
NOTE: http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
More information about the Secure-testing-commits
mailing list