[Secure-testing-commits] r34379 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu May 21 08:02:19 UTC 2015
Author: jmm
Date: 2015-05-21 08:02:19 +0000 (Thu, 21 May 2015)
New Revision: 34379
Modified:
data/CVE/list
Log:
realmd no-dsa
add some links for weakdh
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-21 07:17:10 UTC (rev 34378)
+++ data/CVE/list 2015-05-21 08:02:19 UTC (rev 34379)
@@ -101,6 +101,10 @@
NOTE: CVE assigned specific to vulnerability in the TLS protocol that was
NOTE: disclosed in section 3.2 of the
NOTE: https://weakdh.org/imperfect-forward-secrecy.pdf paper.
+ NOTE: Some links on the status of various implementations/protocols:
+ NOTE: IKE/IPSEC: https://nohats.ca/wordpress/blog/2015/05/20/weakdh-and-ike-ipsec/
+ NOTE: OpenSSL: https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
+ NOTE: GNUTLS: http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
CVE-2015-3999
RESERVED
CVE-2015-3998
@@ -3520,6 +3524,7 @@
RESERVED
CVE-2015-2704 (realmd allows remote attackers to inject arbitrary configurations in ...)
- realmd 0.16.0-1 (bug #781179)
+ [jessie] - realmd <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89207
CVE-2015-2776 (The parse_SST function in FreeXL before 1.0.0i allows remote attackers ...)
{DSA-3208-1}
More information about the Secure-testing-commits
mailing list