** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-8313
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3566 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1510163 Title: Poodle TLS1.0 issue in Trusty (and Precise) Status in gnutls26 package in Ubuntu: Fix Released Status in gnutls26 source package in Precise: Fix Released Status in gnutls26 source package in Trusty: Fix Released Bug description: [Impact] Gnutls is affected by the Poodle TLS exploit https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls [Test Case] launch a new trusty VM sudo apt-get install cups Open /etc/cups/cupsd.conf and change just this one section ... # Only listen for connections from the local machine. #Listen localhost:631 Listen /var/run/cups/cups.sock SSLPort 443 SSLOptions None ServerAlias 127.35.213.162.lcy-02.canonistack.canonical.com ... Restart cups and then run the ssllabs test - https://www.ssllabs.com/ssltest/ [Regression Potential] This is a simple off by one error, that's fixed in all newer versions of gnutls. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
