[Git][security-tracker-team/security-tracker][master] add #efail CVE numbers
Yves-Alexis Perez
corsac at debian.org
Mon May 14 11:12:25 BST 2018
Yves-Alexis Perez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9defe86a by Yves-Alexis Perez at 2018-05-14T12:12:03+02:00
add #efail CVE numbers
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -23491,10 +23491,17 @@ CVE-2017-17691
RESERVED
CVE-2017-17690
RESERVED
-CVE-2017-17689
+CVE-2017-17689 [S/MIME CBC gadget attacks]
RESERVED
-CVE-2017-17688
+ NOTE: vulnerability is in the clients handling, not in OpenPGP
+ NOTE: https://efail.de
+ TODO: check all clients
+CVE-2017-17688 [OpenPGP CFB gadget attacks]
RESERVED
+ - enigmail <unfixed>
+ NOTE: vulnerability is in the clients handling, not in OpenPGP
+ NOTE: https://efail.de
+ TODO: check all clients
CVE-2017-17687
RESERVED
CVE-2017-17686
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9defe86a23b319090bdd471e22043ccbdacae4cb
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9defe86a23b319090bdd471e22043ccbdacae4cb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180514/8c5e39e4/attachment.html>
More information about the debian-security-tracker-commits
mailing list