[Git][security-tracker-team/security-tracker][master] 2 commits: Reference review patches for CVE-2017-17689

Salvatore Bonaccorso carnil at debian.org
Fri Mar 15 07:33:44 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
51c61899 by Salvatore Bonaccorso at 2019-03-15T07:23:03Z
Reference review patches for CVE-2017-17689

- - - - -
d321795a by Salvatore Bonaccorso at 2019-03-15T07:26:08Z
CVE-2017-17689: reference upstream tags containing the patches

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -72291,6 +72291,9 @@ CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ..
 	NOTE: https://dot.kde.org/2018/05/15/efail-and-kmail
 	NOTE: protocol vulnerability can't be fixed in implementations but they can prevent exploitation by disabling loading of remote content
 	NOTE: kmail bug is #898634, but src:kmail is not affected, the code in question is in kf5-messagelib
+	NOTE: kf5-messagelib: https://phabricator.kde.org/D12391 (v18.04.1)
+	NOTE: kf5-messagelib: https://phabricator.kde.org/D12393 (v18.04.1)
+	NOTE: kmail: https://phabricator.kde.org/D12394
 CVE-2017-17688 (** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...)
 	- enigmail 2:2.0.6.1-4 (bug #898630)
 	[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c0b7bb548198e2d93887737f31d3a66bb80f7105...d321795ab3df40e543943f4e486b1c3423dd4db9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c0b7bb548198e2d93887737f31d3a66bb80f7105...d321795ab3df40e543943f4e486b1c3423dd4db9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190315/c0903998/attachment.html>

More information about the debian-security-tracker-commits mailing list