[Secure-testing-commits] r34894 - data/CVE
Kurt Roeckx
kroeckx at moszumanska.debian.org
Thu Jun 11 17:32:54 UTC 2015
Author: kroeckx
Date: 2015-06-11 17:32:54 +0000 (Thu, 11 Jun 2015)
New Revision: 34894
Modified:
data/CVE/list
Log:
Update OpenSSL logjam status
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-11 17:28:46 UTC (rev 34893)
+++ data/CVE/list 2015-06-11 17:32:54 UTC (rev 34894)
@@ -1180,13 +1180,14 @@
NOTE: https://lkml.org/lkml/2015/5/13/744
NOTE: Not enabled in Debian kernels; staging drivers are not supported
CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ...)
- - openssl 1.0.2b-1
+ - openssl <unfixed>
NOTE: CVE assigned specific to vulnerability in the TLS protocol that was
NOTE: disclosed in section 3.2 of the
NOTE: https://weakdh.org/imperfect-forward-secrecy.pdf paper.
NOTE: Some links on the status of various implementations/protocols:
NOTE: IKE/IPSEC: https://nohats.ca/wordpress/blog/2015/05/20/weakdh-and-ike-ipsec/
NOTE: OpenSSL: https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
+ NOTE: OpenSSL 1.0.2b-1 limits it to 768 bit, future versions will increase the limit
NOTE: GNUTLS: http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
CVE-2015-3999 (Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames ...)
NOT-FOR-US: Piriform CCleaner
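Review bot: The added NOTE under the OpenSSL link is ambiguous: "limits it to 768 bit" has no antecedent for "it" and does not say whether 768 bit is a minimum or a maximum. Because the same hunk moves the openssl entry from 1.0.2b-1 back to <unfixed>, this NOTE is the only record of why 1.0.2b-1 is not treated as the fix. It should name what is being limited (presumably the DH parameter size, given the DHE_EXPORT description on the CVE line) and state which limit a future version has to reach before the entry can be marked fixed, so the next person updating the status does not have to guess.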