Oval Definition:oval:com.ubuntu.artful:def:20185382000
Revision Date:2018-04-16Version:1
Title:CVE-2018-5382 on Ubuntu 17.10 (artful) - medium.
Description:Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-5382
Platform(s):Ubuntu 17.10
Product(s):
Definition Synopsis
  • Ubuntu 17.10 (artful) is installed.
  • AND NOT While related to the CVE in some way, the 'bouncycastle' package in artful is not affected (note: '1.57-1').
  • BACK