[Pkg-mono-svn-commits] [mono] branch master updated (15941e0 -> 9c92f93)
Jo Shields
directhex at moszumanska.debian.org
Thu Mar 19 11:59:39 UTC 2015
This is an automated email from the git hooks/post-receive script.
directhex pushed a change to branch master
in repository mono.
from 15941e0 Finalize changelog
new 037e3b5 Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages, which would allow various attacks on the protocol to succeed. ("SKIP-TLS" attack). (Closes: #780751, CVE-2015-2318)
new 38d3725 Remove the client-side SSLv2 fallback. There's almost no SSLv3 web site left so a v2 fallback is only extra code we do not need to carry forward. (Closes: #780751, CVE-2015-2320)
new 00e66d6 Remove the EXPORT ciphers and related code path. That was still useful in 2003/2004 but the technical and legal landscape changed a lot since then. Removing the old, limited key size, cipher suites also allows removing additional parts of the code that deal with them. ("FREAK" attack) (Closes: #780751, CVE-2015-2319)
new 9c92f93 finalize changelog
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/changelog | 17 ++
.../CipherSuiteFactory.cs | 28 ++--
.../ClientRecordProtocol.cs | 30 +++-
.../Mono.Security.Protocol.Tls/Context.cs | 2 +
.../Mono.Security.Protocol.Tls/RecordProtocol.cs | 174 +--------------------
.../ServerRecordProtocol.cs | 37 +++--
.../Mono.Security.Protocol.Tls/SslCipherSuite.cs | 54 +------
.../Mono.Security.Protocol.Tls/SslServerStream.cs | 12 +-
.../Mono.Security.Protocol.Tls/TlsCipherSuite.cs | 40 +----
9 files changed, 98 insertions(+), 296 deletions(-)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mono/packages/mono.git