Ask Your Question
1

Could anyone please let us know for what packages following CVE's were "Affected" ? And what were the updated package versions in which Affected CVE's were fixed ? CVE-2014-3566, CVE-2011-3389, CVE-2013-2566, CVE-2016-2183, CVE-2001-1473

asked 2017-10-03 01:23:04 -0600

Ruchi Kaushal gravatar image

Could anyone please let us know for what packages following CVE's were "Affected" like NSS / openssl etc ? And what were the updated package versions in which Affected CVE's were fixed ?

CVE-2014-3566, CVE-2011-3389,
CVE-2013-2566,
CVE-2016-2183,
CVE-2001-1473

edit retag flag offensive close merge delete

Comments

1

https://cve.mitre.org/cve/cve.html

Use Search Master Copy of CVE section to find relevant information.

ozeszty gravatar imageozeszty ( 2017-10-03 04:32:50 -0600 )edit

1 Answer

Sort by ยป oldest newest most voted
1

answered 2017-10-03 15:10:34 -0600

MettaCrawler gravatar image

updated 2017-10-03 15:17:20 -0600

For each CVE code, browse to URL like this: https://access.redhat.com/security/cv...

Then scroll down and see the list of package names on that page.

To translate to Fedora package versions, take the package name from that page and run rpm -q --changelog pkgname and search through that for the CVE code. Some packages may be deprecated or have different names, search around.

edit flag offensive delete link more

Comments

We could see that nss and openssl is "Affected" for few CVE's but there is no RHSA or updated version provided on the CVE page. We wanted to know in what versions the affected packages are fixed.

Thanks.

Ruchi Kaushal gravatar imageRuchi Kaushal ( 2017-10-06 03:33:23 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-10-03 01:23:04 -0600

Seen: 70 times

Last updated: Oct 03 '17