oss-sec mailing list archives
OpenDaylight security advisory: CVE-2015-3414 CVE-2015-3416 SQLite memory corruption, CVE-2015-4000 LOGJAM TLS MITM
From: David Jorm <david.jorm () gmail com>
Date: Tue, 30 Jun 2015 09:04:22 +1000
Hi All OpenDaylight Lithium GA has now been released, including patches for several security vulnerabilities: [Moderate] CVE-2015-3414 CVE-2015-3416 AAA: SQLite memory corruption leading to DoS and possible code execution [Moderate] CVE-2015-4000 OpenDaylight: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks (LOGJAM) Full details, including links to patched builds, are available on the OpenDaylight security advisories page: https://wiki.opendaylight.org/view/Security_Advisories Thanks David Jorm on behalf of the OpenDaylight security response team
Current thread:
- OpenDaylight security advisory: CVE-2015-3414 CVE-2015-3416 SQLite memory corruption, CVE-2015-4000 LOGJAM TLS MITM David Jorm (Jun 29)