[Secure-testing-commits] r40110 - data/CVE
Kurt Roeckx
kroeckx at moszumanska.debian.org
Tue Mar 1 18:23:12 UTC 2016
Author: kroeckx
Date: 2016-03-01 18:23:12 +0000 (Tue, 01 Mar 2016)
New Revision: 40110
Modified:
data/CVE/list
Log:
NSS dropped SSLv2 support in 3.13
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-01 17:55:43 UTC (rev 40109)
+++ data/CVE/list 2016-03-01 18:23:12 UTC (rev 40110)
@@ -6203,7 +6203,8 @@
CVE-2016-0800 [Cross-protocol attack on TLS using SSLv2 (DROWN)]
RESERVED
- openssl 1.0.0c-2
- NOTE: 1.0.0c-2 dropped SSLv2 support
+ - nss 3.13
+ NOTE: openssl 1.0.0c-2 dropped SSLv2 support
NOTE: https://www.openssl.org/news/secadv/20160301.txt
NOTE: https://www.drownattack.com/
NOTE: GNUTLS never implemented SSLv2
More information about the Secure-testing-commits
mailing list