Summary: | <dev-lang/mono-4.4.1.0: TLS vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | dotnet |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/03/07/2 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-03-13 14:21:07 UTC
mono-4 is being stabilized in other security bug :/ CVE-2015-2318 is https://github.com/mono/mono/commit/1509226c41d74194c146deb173e752b8d3cdeec4 CVE-2015-2320 is https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10 CVE-2015-2320 is https://github.com/mono/mono/commit/b371da6b2d68b4cdd0f21d6342af6c42794f998b This is fixed at least for 4.4.x but our 2.10.x is still vulnerable. @ Maintainer(s): Please tell us if you are going to patch 2.10.x or want to remove/mask instead. 2.x branch gone. Tree is clean. GLSA Vote: No. |