[Git][security-tracker-team/security-tracker][master] Triage CVE-2020-26263 in tlslite-ng for stretch LTS.
Chris Lamb
lamby at debian.org
Thu Jan 7 08:48:13 GMT 2021
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5d140fce by Chris Lamb at 2021-01-07T08:47:38+00:00
Triage CVE-2020-26263 in tlslite-ng for stretch LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21832,6 +21832,7 @@ CVE-2020-26264 (Go Ethereum, or "Geth", is the official Golang implementation of
CVE-2020-26263 (tlslite-ng is an open source python library that implements SSL and TL ...)
- tlslite-ng <removed>
[buster] - tlslite-ng <ignored> (Minor issue)
+ [stretch] - tlslite-ng <postponed> (Timing attack issue; can be fixed in next DLA)
NOTE: https://github.com/tlsfuzzer/tlslite-ng/security/advisories/GHSA-wvcv-832q-fjg7
NOTE: https://github.com/tlsfuzzer/tlslite-ng/commit/c28d6d387bba59d8bd5cb3ba15edc42edf54b368
NOTE: https://github.com/tlsfuzzer/tlslite-ng/pull/438
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d140fce5a232fa4ecd4ced2af0c4f6130566afe
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d140fce5a232fa4ecd4ced2af0c4f6130566afe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210107/446f3779/attachment.html>
More information about the debian-security-tracker-commits
mailing list