Date: Tue, 30 Jun 2015 09:04:22 +1000 From: David Jorm <david.jorm@...il.com> To: oss-security@...ts.openwall.com, opendaylight-announce@...ts.opendaylight.org, security-announce@...ts.opendaylight.org Subject: OpenDaylight security advisory: CVE-2015-3414 CVE-2015-3416 SQLite memory corruption, CVE-2015-4000 LOGJAM TLS MITM Hi All OpenDaylight Lithium GA has now been released, including patches for several security vulnerabilities: [Moderate] CVE-2015-3414 CVE-2015-3416 AAA: SQLite memory corruption leading to DoS and possible code execution [Moderate] CVE-2015-4000 OpenDaylight: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks (LOGJAM) Full details, including links to patched builds, are available on the OpenDaylight security advisories page: https://wiki.opendaylight.org/view/Security_Advisories Thanks David Jorm on behalf of the OpenDaylight security response team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.