[Git][security-tracker-team/security-tracker][master] add #efail CVE numbers

Yves-Alexis Perez corsac at debian.org
Mon May 14 11:12:25 BST 2018


Yves-Alexis Perez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9defe86a by Yves-Alexis Perez at 2018-05-14T12:12:03+02:00
add #efail CVE numbers

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -23491,10 +23491,17 @@ CVE-2017-17691
 	RESERVED
 CVE-2017-17690
 	RESERVED
-CVE-2017-17689
+CVE-2017-17689 [S/MIME CBC gadget attacks]
 	RESERVED
-CVE-2017-17688
+	NOTE: vulnerability is in the clients handling, not in OpenPGP
+	NOTE: https://efail.de
+	TODO: check all clients
+CVE-2017-17688 [OpenPGP CFB gadget attacks]
 	RESERVED
+	- enigmail <unfixed>
+	NOTE: vulnerability is in the clients handling, not in OpenPGP
+	NOTE: https://efail.de
+	TODO: check all clients
 CVE-2017-17687
 	RESERVED
 CVE-2017-17686



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9defe86a23b319090bdd471e22043ccbdacae4cb

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9defe86a23b319090bdd471e22043ccbdacae4cb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180514/8c5e39e4/attachment.html>


More information about the debian-security-tracker-commits mailing list