[Pkg-fedora-ds-maintainers] Bug#789202: 389-ds-base: CVE-2015-3230: nsSSL3Ciphers preference not enforced server side (regression)
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 18 20:22:29 UTC 2015
Source: 389-ds-base
Version: 1.3.3.5-4
Severity: important
Tags: security upstream fixed-upstream
Hi,
the following vulnerability was published for 389-ds-base.
CVE-2015-3230[0]:
nsSSL3Ciphers preference not enforced server side (regression)
Sourcecodewise it looks affected as the ticket 47838 was addressed.
But please double check if this is right.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-3230
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1232096
Regards,
Salvatore
More information about the Pkg-fedora-ds-maintainers
mailing list