[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop pyopenssl after further investigation. Thanks apo!

Chris Lamb lamby at debian.org
Fri Oct 12 20:27:27 BST 2018 

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ab00e32 by Chris Lamb at 2018-10-12T19:26:26Z
data/dla-needed.txt: Drop pyopenssl after further investigation. Thanks apo!

See 60aaf7c195e0fdaf401b468558fabe84b1f16b3b and 17dab33a7ab383cb7b60ce0a04abbb0720a7ab24

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -634,10 +634,12 @@ CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper Inp
 CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 ...)
 	- pyopenssl 17.5.0-1 (low)
 	[stretch] - pyopenssl <no-dsa> (Minor issue)
+	[jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
 	NOTE: https://github.com/pyca/pyopenssl/pull/723
 	NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
 CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to version ...)
 	- pyopenssl 17.5.0-1
+	[jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
 	NOTE: https://github.com/pyca/pyopenssl/pull/723
 	NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
 CVE-2018-1000805 (Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ab00e321537dbbd31d334e22cccbcffd235d125

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ab00e321537dbbd31d334e22cccbcffd235d125
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181012/61c91f5f/attachment.html>

More information about the debian-security-tracker-commits mailing list