Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability roundup 80: openssl-1.0.2t: 1 advisory #77266

Closed
1 task done
ckauhaus opened this issue Jan 7, 2020 · 2 comments
Closed
1 task done

Vulnerability roundup 80: openssl-1.0.2t: 1 advisory #77266

ckauhaus opened this issue Jan 7, 2020 · 2 comments
Assignees
@vcunat
Labels
1.severity: security

Comments

@ckauhaus
Copy link
Contributor

ckauhaus commented Jan 7, 2020
edited by vcunat

search, files

  • CVE-2019-1551 CVSSv3=5.3 (nixos-19.03, nixos-19.09, nixos-unstable)

Scanned versions: nixos-19.03: 3907a44; nixos-19.09: fd4ccdb; nixos-unstable: 9beb0d1. May contain false positives.
@ckauhaus
Copy link
Contributor Author

ckauhaus commented Jan 7, 2020

See also: #76015

vcunat added a commit that referenced this issue Jan 11, 2020
@vcunat
openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)
961d0cf 
Fixes #77266: CVE-2019-1551
https://www.openssl.org/news/secadv/20191206.txt
@vcunat vcunat self-assigned this Jan 11, 2020
vcunat added a commit that referenced this issue Jan 11, 2020
@vcunat
openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)
f7d050e 
Fixes #77266: CVE-2019-1551
https://www.openssl.org/news/secadv/20191206.txt
@vcunat vcunat closed this as completed in e4c89a6 Jan 11, 2020
vcunat added a commit that referenced this issue Jan 11, 2020
@vcunat
openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)
1a99f4c 
Fixes #77266: CVE-2019-1551
https://www.openssl.org/news/secadv/20191206.txt

(cherry picked from commit 961d0cf)
@vcunat
Copy link
Member

vcunat commented Jan 11, 2020

Closely related: #77503

dtzWill pushed a commit to dtzWill/nixpkgs that referenced this issue Jan 16, 2020
@vcunat @dtzWill
openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)
3dd32fb 
Fixes NixOS#77266: CVE-2019-1551
https://www.openssl.org/news/secadv/20191206.txt

(cherry picked from commit 961d0cf)
Oops - I realized too late that the rebuild amount is minimal,
so why not have it immediately in master.
(cherry picked from commit e4c89a6)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vcunat vcunat

Labels
1.severity: security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ckauhaus @vcunat