March 2015 Archives by author
Starting: Thu Mar 19 11:59:39 UTC 2015
Ending: Thu Mar 19 14:49:12 UTC 2015
Messages: 18
- [Pkg-mono-svn-commits] [mono] branch master updated (15941e0 -> 9c92f93)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 01/04: Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. ("SKIP-TLS" attack). (Closes: #780751, CVE-2015-2318)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 02/04: Remove the client-side SSLv2 fallback. There's almost no SSLv3 web site left so a v2 fallback is only extra code we do not need to carry forward. (Closes: #780751, CVE-2015-2320)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 03/04: Remove the EXPORT ciphers and related code path. That was still useful in 2003/2004 but the technical and legal landscape changed a lot since then. Removing the old, limited key size, cipher suites also allow removed additional parts of the code that deals with them. ("FREAK" attack) (Closes: #780751, CVE-2015-2319)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 04/04: finalize changelog
Jo Shields
- [Pkg-mono-svn-commits] [mono] annotated tag debian/3.2.8+dfsg-10 created (now 7ef5b97)
Jo Shields
- [Pkg-mono-svn-commits] [mono] branch master-2.6.7-tlsfix created (now eba2e52)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 01/04: Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. ("SKIP-TLS" attack). (Closes: #780751, CVE-2015-2318)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 02/04: Remove the client-side SSLv2 fallback. There's almost no SSLv3 web site left so a v2 fallback is only extra code we do not need to carry forward. (Closes: #780751, CVE-2015-2320)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 03/04: Remove the EXPORT ciphers and related code path. That was still useful in 2003/2004 but the technical and legal landscape changed a lot since then. Removing the old, limited key size, cipher suites also allow removed additional parts of the code that deals with them. ("FREAK" attack) (Closes: #780751, CVE-2015-2319)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 04/04: Finalize changelog
Jo Shields
- [Pkg-mono-svn-commits] [mono] annotated tag debian/2.6.7-5.1+deb6u1 created (now e5456ab)
Jo Shields
- [Pkg-mono-svn-commits] [mono] branch master-2.10.8.1-tlsfix created (now bd14d30)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 01/04: Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. ("SKIP-TLS" attack). (Closes: #780751, CVE-2015-2318)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 02/04: Remove the client-side SSLv2 fallback. There's almost no SSLv3 web site left so a v2 fallback is only extra code we do not need to carry forward. (Closes: #780751, CVE-2015-2320)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 03/04: Remove the EXPORT ciphers and related code path. That was still useful in 2003/2004 but the technical and legal landscape changed a lot since then. Removing the old, limited key size, cipher suites also allow removed additional parts of the code that deals with them. ("FREAK" attack) (Closes: #780751, CVE-2015-2319)
Jo Shields
- [Pkg-mono-svn-commits] [mono] 04/04: finalize changelog
Jo Shields
- [Pkg-mono-svn-commits] [mono] annotated tag debian/2.10.8.1-8+deb7u1 created (now ccb8e7c)
Jo Shields
Last message date:
Thu Mar 19 14:49:12 UTC 2015
Archived on: Thu Mar 19 14:49:13 UTC 2015
This archive was generated by
Pipermail 0.09 (Mailman edition).