Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 30 Apr 2017 20:28:26 +0200
From: Salvatore Bonaccorso <>
To: OSS Security Mailinglist <>
Subject: radicale: CVE-2017-8342: prone to timing oracles and simple
 bruteforce attacks


The following CVE assignment was done via the

Radicale, a simple calendar and addressbook server, before 1.1.2 and
2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force
attacks when using the htpasswd authentication method.


CVE-2017-8342 was assigned for this issue.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.