[Git][security-tracker-team/security-tracker][master] tomcrypt fixed

Wed Jul 11 18:38:44 BST 2018

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3cfd9aea by Moritz Muehlenhoff at 2018-07-11T19:38:26+02:00
tomcrypt fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3476,7 +3476,7 @@ CVE-2018-12438 (The Elliptic Curve Cryptography library (aka sunec or libsunec) 
 	- openjdk-10 <unfixed> (low)
 	- openjdk-11 <unfixed> (low)
 CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ...)
-	- libtomcrypt <unfixed> (low; bug #901626)
+	- libtomcrypt 1.18.2-1 (low; bug #901626)
 	[stretch] - libtomcrypt <no-dsa> (Minor issue)
 	[jessie] - libtomcrypt <no-dsa> (Minor issue)
 	NOTE: https://github.com/libtom/libtomcrypt/issues/407
@@ -36387,6 +36387,7 @@ CVE-2018-0739 (Constructed ASN.1 types with a recursive definition (such as can 
 	{DSA-4158-1 DSA-4157-1 DLA-1330-1}
 	- openssl 1.1.0h-1
 	- openssl1.0 1.0.2o-1
+	- libtomcrypt 1.18.2-1
 	NOTE: https://www.openssl.org/news/secadv/20180327.txt
 	NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33
 	NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=9310d45087ae546e27e61ddf8f6367f29848220d



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cfd9aead102a7f63705e54f20f794ed9a11cd71

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cfd9aead102a7f63705e54f20f794ed9a11cd71
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180711/822021fe/attachment.html>
