python affected by CVE-2011-3389

To: debian-security-tracker@lists.debian.org
Subject: python affected by CVE-2011-3389
From: Marc Haber <mh+debian-security@zugschlus.de>
Date: Mon, 25 Jun 2012 15:32:03 +0200
Message-id: <[🔎] 20120625133203.GF17410@torres.zugschlus.de>

Hi,

following the procedure laid out in
http://security-tracker.debian.org/tracker/data/report, python
considers itself as affected by CVS-2011-3389, and having the issue
fixed in their 2.6.8 release.

The security tracker does not (yet?) list python as affected by
CVS-2011-3389.

Greetings
Marc

On Mon, Jun 25, 2012 at 02:21:42PM +0200, Marc Haber wrote:
> On Mon, Jun 25, 2012 at 02:45:57PM +0300, Henri Salo wrote:
> > >  * CVE-2011-3389, disabling of the CBC IV attack countermeasure in the _ssl module
> 
> phyton is not listed in
> http://security-tracker.debian.org/tracker/CVE-2011-3389, does that
> mean that nobody yet identified python as being affected? How can
> python be added here?

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 31958062

Reply to:

Prev by Date: External check
Next by Date: External check
Previous by thread: Re: Please help with discrepancies in CVE-2011-3578
Next by thread: Bug#679563: security-tracker: DSA-2503-1 vs. tracker
Index(es):
- Date
- Thread