[Git][security-tracker-team/security-tracker][master] Add informatin on CVE-2018-5407
Salvatore Bonaccorso
carnil at debian.org
Fri Nov 2 03:58:54 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
101053be by Salvatore Bonaccorso at 2018-11-02T03:57:16Z
Add informatin on CVE-2018-5407
https://www.openwall.com/lists/oss-security/2018/11/01/4
This is auctually similar to other issues this year a hardware issue.
Still check if we want to track specific software particularly affected
as vulnerable software here.
For this reason kept the TODO question for now until decided on move.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36049,8 +36049,12 @@ CVE-2018-5409
RESERVED
CVE-2018-5408
RESERVED
-CVE-2018-5407
+CVE-2018-5407 [new side-channel vulnerability on SMT/Hyper-Threading architectures]
RESERVED
+ NOTE: https://www.openwall.com/lists/oss-security/2018/11/01/4
+ NOTE: This is not an issue in software but in a hardware issue. Issue can be
+ NOTE: mitigated e.g. for OpenSSL.
+ TODO: check if we want track specific software as "affected"
CVE-2018-5406
RESERVED
CVE-2018-5405
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/101053bef77c64aa566c92efed318ff376a16886
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/101053bef77c64aa566c92efed318ff376a16886
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181102/f5482459/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list