[Secure-testing-commits] r44126 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Aug 25 05:39:59 UTC 2016


Author: carnil
Date: 2016-08-25 05:39:59 +0000 (Thu, 25 Aug 2016)
New Revision: 44126

Modified:
   data/CVE/list
Log:
Add note for OpenSSL

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-25 05:07:14 UTC (rev 44125)
+++ data/CVE/list	2016-08-25 05:39:59 UTC (rev 44126)
@@ -15378,6 +15378,7 @@
 CVE-2016-2183
 	RESERVED
 	NOTE: The CVE is assigned for the protocol flaw in the DES/3DES cipher, used as a part of the SSL/TLS protocol.
+	NOTE: What was done in OpenSSL: https://www.openssl.org/blog/blog/2016/08/24/sweet32/
 	TODO: not clear if this should be assigned to individual source, like openssl and nss (openpvn got a own CVE)
 CVE-2016-2182
 	RESERVED




More information about the Secure-testing-commits mailing list