[gnutls-devel] [oss-security] CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations
cve-assign at mitre.org
cve-assign at mitre.org
Wed Feb 6 02:08:44 CET 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If you are interested in the CVE name assignments for the recent TLS
and DTLS disclosure at http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
please see:
http://openwall.com/lists/oss-security/2013/02/05/24
This references:
Mozilla Network Security Services (NSS) CVE-2013-1620
GnuTLS CVE-2013-1619
PolarSSL three CVEs (see below)
PolarSSL - TLS and DTLS protocol issue: CVE-2013-0169
PolarSSL - out-of-bounds comparisons: CVE-2013-1621
PolarSSL - lack of MAC check in some cases: CVE-2013-1622
and other products.
- --
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (SunOS)
iQEcBAEBAgAGBQJREanXAAoJEGvefgSNfHMdRSkH/jDVd3wagUKNvjO2mTVo1Jdy
MYvKStezZTgVDMw4f5zLJcEM7Cm/74tvbst/DdIgHiMI188z9v1CZ5XgBCft3LSm
DninOatvTcB/8CHhJ80q4vRH7EqiAVVWdq+SAPSU0v+e43rxIE1S1z+axOkG4xpt
O6vxiXeaD9jZcNJx93nbBVceC6fphmq7Oz/eWdcYMf/BKsADxinxpTpLX/8U9vJH
cdBAG4I5PUAgnWbHj/Fk/oeVKjYGLmiejMO9WU+/5NpxILUJP2hHz4Fqz8qR4Ovq
eME40QIIfaumyJ1puY5jJ0jTmbxMkPT7irmZ/YlHnLB5s9CfwJEec0tfkCZcBgM=
=2FcO
-----END PGP SIGNATURE-----
More information about the Gnutls-devel
mailing list