[Secure-testing-commits] r44394 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Wed Sep 7 16:24:22 UTC 2016
Author: nluedtke-guest
Date: 2016-09-07 16:24:22 +0000 (Wed, 07 Sep 2016)
New Revision: 44394
Modified:
data/CVE/list
Log:
Add Python upstream reference to CVE-2016-2183
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-07 15:09:57 UTC (rev 44393)
+++ data/CVE/list 2016-09-07 16:24:22 UTC (rev 44394)
@@ -15925,6 +15925,7 @@
CVE-2016-2183 (The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec ...)
NOTE: The CVE is assigned for the protocol flaw in the DES/3DES cipher, used as a part of the SSL/TLS protocol.
NOTE: What was done in OpenSSL: https://www.openssl.org/blog/blog/2016/08/24/sweet32/
+ NOTE: Python issue: https://bugs.python.org/issue27850
TODO: not clear if this should be assigned to individual source, like openssl and nss (openpvn got a own CVE)
CVE-2016-2182
RESERVED
More information about the Secure-testing-commits
mailing list