| Errata ID | 373 |
|---|---|
| Date | 2018-05-08 |
| Source package | erlang |
| Fixed in version | 1:17.3-dfsg-4+deb8u2 |
| Description | This update addresses the following issue: * The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack). (CVE-2017-1000385) |
| Additional notes | |
| CVE ID | CVE-2017-1000385 |
| UCS Bug number | #46115 |
