[Git][security-tracker-team/security-tracker][master] Add CVE-2018-10845/gnutls

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ef51480 by Salvatore Bonaccorso at 2018-08-22T06:19:38Z
Add CVE-2018-10845/gnutls

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -12176,8 +12176,12 @@ CVE-2018-10846 ["Just in Time" PRIME + PROBE cache-based side channel attack can
 	- gnutls26 <removed>
 	NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/657
 	NOTE: https://eprint.iacr.org/2018/747
-CVE-2018-10845
+CVE-2018-10845 [HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant]
 	RESERVED
+	- gnutls28 <unfixed>
+	- gnutls26 <removed>
+	NOTE: https://gitlab.com/gnutls/gnutls/merge_requests/657
+	NOTE: https://eprint.iacr.org/2018/747
 CVE-2018-10844
 	RESERVED
 CVE-2018-10843 (source-to-image component of Openshift Container Platform before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ef514807c8861370d73bb1828395875e40d1667

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ef514807c8861370d73bb1828395875e40d1667
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180822/6464b3f1/attachment.html>