[Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-1968

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
839b69a5 by Salvatore Bonaccorso at 2020-09-26T09:05:36+02:00
Update information on CVE-2020-1968

The fixed DH ciphersuites were removed thus in 1.1.0~pre2 already
upstream. Track down the unstable version which first contained that
change and reshuffle the comments.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -58675,12 +58675,12 @@ CVE-2020-1970
 CVE-2020-1969
 	RESERVED
 CVE-2020-1968 (The Raccoon attack exploits a flaw in the TLS specification which can  ...)
-	- openssl 1.1.1~~pre9-1
-	[stretch] - openssl <not-affected> (Affected ciphers removed in upstream commit bc71f91, included in 1.1.0-pre2)
+	- openssl 1.1.0c-1
 	- openssl1.0 <removed>
-	NOTE: Marking the first openssl 1.1.1 version in unstable as the fixed version in sid
 	NOTE: https://www.openssl.org/news/secadv/20200909.txt
 	NOTE: https://raccoon-attack.com/
+	NOTE: Fixed DH ciphersuites removed upstream in 1.1.0~pre2:
+	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb (OpenSSL_1_1_0-pre2)
 CVE-2020-1967 (Server or client applications that call the SSL_check_chain() function ...)
 	{DSA-4661-1}
 	- openssl 1.1.1g-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/839b69a545324c10daf95ba9062fa2a191963850

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/839b69a545324c10daf95ba9062fa2a191963850
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200926/2b5b7510/attachment.html>