[Bug 1184223] Re: CVE-2013-2061: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jun 4 13:03:54 UTC 2013
Thanks for the merge request.
We rate this security vulnerability as being "low" priority, which means
we will not publish a security update for it unless another more
important issue turns up in openvpn, at which point we will bundle both
updates together.
I am unsubscribing ubuntu-security-sponsors for now.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/1184223
Title:
CVE-2013-2061: use of non-constant-time memcmp in HMAC comparison in
openvpn_decrypt
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1184223/+subscriptions
More information about the Ubuntu-server-bugs
mailing list