[Secure-testing-commits] r40110 - data/CVE

Kurt Roeckx kroeckx at moszumanska.debian.org
Tue Mar 1 18:23:12 UTC 2016


Author: kroeckx
Date: 2016-03-01 18:23:12 +0000 (Tue, 01 Mar 2016)
New Revision: 40110

Modified:
   data/CVE/list
Log:
NSS dropped SSLv2 support in 3.13


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-01 17:55:43 UTC (rev 40109)
+++ data/CVE/list	2016-03-01 18:23:12 UTC (rev 40110)
@@ -6203,7 +6203,8 @@
 CVE-2016-0800 [Cross-protocol attack on TLS using SSLv2 (DROWN)]
 	RESERVED
 	- openssl 1.0.0c-2
-	NOTE: 1.0.0c-2 dropped SSLv2 support
+	- nss 3.13
+	NOTE: openssl 1.0.0c-2 dropped SSLv2 support
 	NOTE: https://www.openssl.org/news/secadv/20160301.txt
 	NOTE: https://www.drownattack.com/
 	NOTE: GNUTLS never implemented SSLv2




More information about the Secure-testing-commits mailing list