3:31 p.m.
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Bug ID: 1206712
Summary: CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in
its TLS-1.0 implementation
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: fleite(a)redhat.com
CC: erlang(a)lists.fedoraproject.org, gemi(a)bluewin.ch,
lemenkov(a)gmail.com, rhbugs(a)n-dimensional.de,
rjones(a)redhat.com, s(a)shk.io
It was reported upstream that Erlang/OTP is vulnerable to Poodle in its TLS-1.0
implementation. This vulnerability was assigned CVE-2015-2774.
References:
http://www.erlang.org/news/85
http://openwall.com/lists/oss-security/2015/03/27/9
--
You are receiving this mail because:
You are on the CC list for the bug.
3:32 p.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Fabio Olive Leite <fleite(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1206713
Depends On| |1206714
--- Comment #1 from Fabio Olive Leite <fleite(a)redhat.com> ---
Created erlang tracking bugs for this issue:
Affects: fedora-all [bug 1206713]
Affects: epel-all [bug 1206714]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1206713
[Bug 1206713] CVE-2015-2774 erlang: Erlang/OTP is vulnerable to Poodle in
its TLS-1.0 implementation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1206714
[Bug 1206714] CVE-2015-2774 erlang: Erlang/OTP is vulnerable to Poodle in
its TLS-1.0 implementation [epel-all]
--
You are receiving this mail because:
You are on the CC list for the bug.
3:55 p.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Richard W.M. Jones <rjones(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jeckersb(a)redhat.com
--- Comment #2 from Richard W.M. Jones <rjones(a)redhat.com> ---
Adding Rabbit maintainer just FYI.
--
You are receiving this mail because:
You are on the CC list for the bug.
12:26 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Bug 1206712 depends on bug 1206713, which changed state.
Bug 1206713 Summary: CVE-2015-2774 erlang: Erlang/OTP is vulnerable to Poodle in its
TLS-1.0 implementation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1206713
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |CLOSED
Resolution|--- |ERRATA
--
You are receiving this mail because:
You are on the CC list for the bug.
12:26 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
--- Comment #3 from Fedora Update System <updates(a)fedoraproject.org> ---
erlang-17.4-4.fc22 has been pushed to the Fedora 22 stable repository. If
problems still persist, please make note of it in this bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
12:26 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
--- Comment #4 from Fedora Update System <updates(a)fedoraproject.org> ---
erlang-17.4-4.fc21 has been pushed to the Fedora 21 stable repository. If
problems still persist, please make note of it in this bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
11:26 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Fedora Update System <updates(a)fedoraproject.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ON_QA
--- Comment #5 from Fedora Update System <updates(a)fedoraproject.org> ---
erlang-17.4-5.fc23 has been pushed to the Fedora 23 testing repository. If
problems still persist, please make note of it in this bug report.\nIf you want
to test the update, you can install it with \n su -c 'yum
--enablerepo=updates-testing update erlang'. You can provide feedback for this
update here: https://bodhi.fedoraproject.org/updates/erlang-17.4-5.fc23
--
You are receiving this mail because:
You are on the CC list for the bug.
11:26 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Bug 1206712 depends on bug 1206713, which changed state.
Bug 1206713 Summary: CVE-2015-2774 erlang: Erlang/OTP is vulnerable to Poodle in its
TLS-1.0 implementation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1206713
What |Removed |Added
----------------------------------------------------------------------------
Status|CLOSED |ON_QA
Resolution|ERRATA |---
--
You are receiving this mail because:
You are on the CC list for the bug.
2:12 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Tomas Hoger <thoger(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |NEW
--
You are receiving this mail because:
You are on the CC list for the bug.
1:32 p.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
--- Comment #6 from Fedora Update System <updates(a)fedoraproject.org> ---
erlang-17.4-5.fc23 has been pushed to the Fedora 23 stable repository. If
problems still persist, please make note of it in this bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
1:32 p.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Bug 1206712 depends on bug 1206713, which changed state.
Bug 1206713 Summary: CVE-2015-2774 erlang: Erlang/OTP is vulnerable to Poodle in its
TLS-1.0 implementation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1206713
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |CLOSED
Resolution|--- |NEXTRELEASE
--
You are receiving this mail because:
You are on the CC list for the bug.
12:55 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
--- Comment #7 from Fedora Update System <updates(a)fedoraproject.org> ---
erlang-R16B-03.11.el7 has been pushed to the Fedora EPEL 7 stable repository.
If problems still persist, please make note of it in this bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
12:55 a.m.
New subject: [Bug 1206712] CVE-2015-2774 Erlang/OTP is vulnerable to Poodle in its TLS-1.0 implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1206712
Bug 1206712 depends on bug 1206714, which changed state.
Bug 1206714 Summary: CVE-2015-2774 erlang: Erlang/OTP is vulnerable to Poodle in its
TLS-1.0 implementation [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1206714
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |CLOSED
Resolution|--- |NEXTRELEASE
--
You are receiving this mail because:
You are on the CC list for the bug.
3152
days inactive
3311
days old
erlang@lists.fedoraproject.org
12 comments
1 participants
participants (1)
-
Red Hat Bugzilla