sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] Causes of "Vulnerable to CVE-2014-3207" flag in https://sks-

From: Eric Germann
Subject: [Sks-devel] Causes of "Vulnerable to CVE-2014-3207" flag in https://sks-keyservers.net/status/ks-status.php?server= page
Date: Sat, 30 Jun 2018 09:20:58 -0400
Greetings,

Can anyone shed some light on what causes the "Vulnerable to CVE-2014-3207” flag to be set in the status page (https://sks-keyservers.net/status/ks-status.php?server=<servername>) for a server?

Build configuration is sks-1.1.6 from source, nginx 1.15.0 configured as laid out in https://keyserver.mattrude.com/guides/building-server/

After a boot, the key server will show “No” in the CVE field and it appears to be eligible for pool inclusion.  After a while, it moves to “Yes” and appears to be ineligible.

I’m trying to understand what changes from just running as the CVE seems to be on the SKS server side.

Thanks for any insight

EKG

Attachment: signature.asc
Description: Message signed with OpenPGP

reply via email to
[Prev in Thread] Current Thread [Next in Thread]