Included static page generation into treenew-web-pages

Also create a CI task to generate the web site and upload to gnutls.gitlab.io.
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-09-10 19:57:59 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-09-11 09:22:30 +0200
commit: 7c7774dfd034efa911f03b4a88de8ec01a4c282a (patch)
tree: 5cb9b934922d3b1de741993b45d24ced232002ff /www/security-entries/GNUTLS-SA-2015-1
parent: c44580b1a6b177acfce74ee54d79f745baa1a6de (diff)
download: gnutls-7c7774dfd034efa911f03b4a88de8ec01a4c282a.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/www/security-entries/GNUTLS-SA-2015-1 b/www/security-entries/GNUTLS-SA-2015-1
new file mode 100644
index 0000000000..a470f06fc6
--- /dev/null
+++ b/www/security-entries/GNUTLS-SA-2015-1
@@ -0,0 +1,12 @@
+    <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0282">
+	CVE-2015-0282</a>
+      </td>
+    <td>Signature forgery</td>
+    <td>This issue only affects versions of GnuTLS prior to 3.1.0 (released in 2012).
+    These versions don't verify the RSA PKCS #1 signature algorithm to
+    match the signature algorithm in the certificate, leading to a potential
+    downgrade to a disallowed algorithm, such as MD5, without detecting it.<br>
+
+      <b>Recommendation:</b> Upgrade to GnuTLS 3.1.0, or later.
+A patch will be included in gnutls_2_12_x branch for the users of that
+version that cannot upgrade.</td>
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-09-10 19:57:59 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-09-11 09:22:30 +0200
commit	7c7774dfd034efa911f03b4a88de8ec01a4c282a (patch)
tree	5cb9b934922d3b1de741993b45d24ced232002ff /www/security-entries/GNUTLS-SA-2015-1
parent	c44580b1a6b177acfce74ee54d79f745baa1a6de (diff)
download	gnutls-7c7774dfd034efa911f03b4a88de8ec01a4c282a.tar.gz