Summary: | <net-libs/gnutls-3.3.15: MD5-based ServerKeyExchange signature accepted by default (GNUTLS-SA-2015-2) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alonbl, crypto+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1218426 | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 546760 |
Description
Agostino Sarubbo
2015-05-05 07:33:30 UTC
3.3.15 can be stabilized. Arches, please test and mark stable: =net-libs/gnutls-3.3.15 Target keywords : "alpha amd64 arm hppa ia64 ppc64 sparc x86" amd64 stable CVE - requested http://www.openwall.com/lists/oss-security/2015/05/05/8 Stable for PPC64. Stable for HPPA. ia64 stable ppc stable x86 stable alpha stable arm stable sparc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). Done, thanks. This issue was resolved and addressed in GLSA 201506-03 at https://security.gentoo.org/glsa/201506-03 by GLSA coordinator Kristian Fiskerstrand (K_F). |