Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3cfd9aea by Moritz Muehlenhoff at 2018-07-11T19:38:26+02:00
tomcrypt fixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3476,7 +3476,7 @@ CVE-2018-12438 (The Elliptic Curve Cryptography library
(aka sunec or libsunec)
- openjdk-10 <unfixed> (low)
- openjdk-11 <unfixed> (low)
CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel
attack on ...)
- - libtomcrypt <unfixed> (low; bug #901626)
+ - libtomcrypt 1.18.2-1 (low; bug #901626)
[stretch] - libtomcrypt <no-dsa> (Minor issue)
[jessie] - libtomcrypt <no-dsa> (Minor issue)
NOTE: https://github.com/libtom/libtomcrypt/issues/407
@@ -36387,6 +36387,7 @@ CVE-2018-0739 (Constructed ASN.1 types with a recursive
definition (such as can
{DSA-4158-1 DSA-4157-1 DLA-1330-1}
- openssl 1.1.0h-1
- openssl1.0 1.0.2o-1
+ - libtomcrypt 1.18.2-1
NOTE: https://www.openssl.org/news/secadv/20180327.txt
NOTE: OpenSSL_1_1_0-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33
NOTE: OpenSSL_1_0_2-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h=9310d45087ae546e27e61ddf8f6367f29848220d
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cfd9aead102a7f63705e54f20f794ed9a11cd71
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cfd9aead102a7f63705e54f20f794ed9a11cd71
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
