Oval Definition:	oval:com.ubuntu.disco:def:2017128720000000
Revision Date: 2017-09-01 Version: 1 Title: CVE-2017-12872 on Ubuntu 19.04 (disco) - medium. Description: The (1) Htpasswd authentication source in the authcrypt module and (2) SimpleSAML_Session class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduct timing side-channel attacks by leveraging use of the standard comparison operator to compare secret material against user input. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-12872 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND simplesamlphp package in disco, is related to the CVE in some way and has been fixed (note: '1.14.15-1').
BACK