[Bug 1184223] Re: CVE-2013-2061: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt

Marc Deslauriers marc.deslauriers at canonical.com
Fri May 31 13:50:22 UTC 2013


** Also affects: openvpn (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: openvpn (Ubuntu Quantal)
   Importance: Undecided
       Status: New

** Also affects: openvpn (Ubuntu Saucy)
   Importance: Undecided
       Status: New

** Also affects: openvpn (Ubuntu Raring)
   Importance: Undecided
       Status: New

** Changed in: openvpn (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: openvpn (Ubuntu Precise)
   Importance: Undecided => Low

** Changed in: openvpn (Ubuntu Quantal)
       Status: New => Confirmed

** Changed in: openvpn (Ubuntu Quantal)
   Importance: Undecided => Low

** Changed in: openvpn (Ubuntu Raring)
       Status: New => Confirmed

** Changed in: openvpn (Ubuntu Raring)
   Importance: Undecided => Low

** Changed in: openvpn (Ubuntu Saucy)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/1184223

Title:
  CVE-2013-2061: use of non-constant-time memcmp in HMAC comparison in
  openvpn_decrypt

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1184223/+subscriptions



More information about the Ubuntu-server-bugs mailing list