FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a52a7172-c92e-11e5-96d6-14dae9d210b8	socat -- diffie hellman parameter was not prime socat reports: In the OpenSSL address implementation the hard coded 1024 bit DH p parameter was not prime. The effective cryptographic strength of a key exchange using these parameters was weaker than the one one could get by using a prime p. Moreover, since there is no indication of how these parameters were chosen, the existence of a trapdoor that makes possible for an eavesdropper to recover the shared secret from a key exchange that uses them cannot be ruled out. Discovery 2016-02-01 Entry 2016-02-01 socat >= 1.7.2.5 lt 1.7.3.1 http://www.dest-unreach.org/socat/contrib/socat-secadv7.html

VuXML ID

Description

a52a7172-c92e-11e5-96d6-14dae9d210b8

socat -- diffie hellman parameter was not prime

socat reports:

In the OpenSSL address implementation the hard coded 1024 bit DH p parameter was not prime. The effective cryptographic strength of a key exchange using these parameters was weaker than the one one could get by using a prime p. Moreover, since there is no indication of how these parameters were chosen, the existence of a trapdoor that makes possible for an eavesdropper to recover the shared secret from a key exchange that uses them cannot be ruled out.

Discovery 2016-02-01
Entry 2016-02-01
socat

>= 1.7.2.5 lt 1.7.3.1

http://www.dest-unreach.org/socat/contrib/socat-secadv7.html