Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 1 Aug 2014 12:12:59 +0200
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>
Cc: ben@...er.org
Subject: Possible CVE request: subversion MD5 collision authentication leak

Hi,

The subversion list has fixed a md5 collision attack possibility.

http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E

http://svn.apache.org/r1550691
http://svn.apache.org/r1550772

The referenced E-Mail speaks about CVE request, so not sure who will assign
one.

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ