[Git][security-tracker-team/security-tracker][master] CVE-2018-1279,rabbitmq-server: Mark as no-dsa for Jessie

[Markus Koschany]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7b58b79d by Markus Koschany at 2018-12-22T15:20:22Z
CVE-2018-1279,rabbitmq-server: Mark as no-dsa for Jessie

Can be mitigated by restricting network access and creating cookies manually.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -58820,6 +58820,7 @@ CVE-2018-1280 (Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 cont
 CVE-2018-1279 (Pivotal RabbitMQ for PCF, all versions, uses a deterministically ...)
 	- rabbitmq-server <unfixed>
 	[stretch] - rabbitmq-server <no-dsa> (Minor issue)
+	[jessie] - rabbitmq-server <no-dsa> (Minor issue)
 	NOTE: https://pivotal.io/security/cve-2018-1279
 	NOTE: Underlying issue is the use of deterministically generated cookie.
 	NOTE: Issue can bemitigated by restricting network access from untrusted sources.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b58b79d5065a44b658e279033316c15298bc9ff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b58b79d5065a44b658e279033316c15298bc9ff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181222/c5316352/attachment.html>