Skip to content

Commit f0d7263

Browse files
sbernard31sbernard31
committed
Update SECURITY.md to add CVE-2022-2576 issue.
1 parent 009aab9 commit f0d7263

File tree

1 file changed

+62
-23
lines changed

1 file changed

+62
-23
lines changed

SECURITY.md

Lines changed: 62 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -35,60 +35,99 @@ See : https://github.com/eclipse/californium/security/policy
3535
</thead>
3636
<tbody>
3737
<tr>
38-
<td> 2.0.0-M7 + </td>
38+
<td> 2.0.0-M8 + </td>
3939
<td> :heavy_check_mark: </td>
4040
<td />
4141
<td />
4242
<td />
4343
</tr>
4444
<tr>
45-
<td> 2.0.0-M5 -> 2.0.0-M6 </td>
45+
<td> 2.0.0-M6 -> 2.0.0-M7 </td>
4646
<td> :x: </td>
47-
<td> <a href="https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6">GHSA-fj2w-wfgv-mwq6</a> </td>
48-
<td> dependency (com.upokecenter.cbor) </td>
49-
<td> CBOR or SenML-CBOR decoding </td>
47+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
48+
<td> dependency (californium/scandium) </td>
49+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
5050
</tr>
5151
<tr>
52-
<td rowspan=2> 2.0.0-M2 -> 2.0.0-M4</td>
52+
<td rowspan=2> 2.0.0-M5 -> 2.0.0-M6 </td>
5353
<td rowspan=2> :x: </td>
54+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
55+
<td> dependency (californium/scandium) </td>
56+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
57+
<tr>
58+
<td> <a href="https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6">GHSA-fj2w-wfgv-mwq6</a> </td>
59+
<td> dependency (com.upokecenter.cbor) </td>
60+
<td> CBOR or SenML-CBOR decoding </td>
61+
</tr>
62+
</tr>
63+
<tr>
64+
<td rowspan=3> 2.0.0-M2 -> 2.0.0-M4</td>
65+
<td rowspan=3> :x: </td>
66+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
67+
<td> dependency (californium/scandium) </td>
68+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
69+
<tr>
5470
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a> </td>
5571
<td> dependency (californium/scandium) </td>
5672
<td> DTLS with x509 and/or RPK </td>
73+
</tr>
5774
<tr>
5875
<td> <a href="https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6">GHSA-fj2w-wfgv-mwq6</a> </td>
5976
<td> dependency (com.upokecenter.cbor) </td>
6077
<td> CBOR or SenML-CBOR decoding </td>
6178
</tr>
6279
</tr>
6380
<tr>
64-
<td> 2.0.0-M1 </td>
65-
<td> :x: </td>
66-
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a> </td>
67-
<td> dependency (californium/scandium) </td>
68-
<td> DTLS with x509 and/or RPK </td>
81+
<td rowspan=2> 2.0.0-M1 </td>
82+
<td rowspan=2> :x: </td>
83+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
84+
<td> dependency (californium/scandium) </td>
85+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
86+
<tr>
87+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a> </td>
88+
<td> dependency (californium/scandium) </td>
89+
<td> DTLS with x509 and/or RPK </td>
90+
</tr>
6991
</tr>
70-
<tr>
71-
<td> 1.3.2 + </td>
92+
<tr>
93+
<td> 1.4.1 </td>
7294
<td> :heavy_check_mark: </td>
7395
<td />
7496
<td />
7597
<td />
7698
</tr>
7799
<tr>
78-
<td> 1.1.0 -> 1.3.1 </td>
100+
<td> 1.3.1 -> 1.4.0 </td>
79101
<td> :x: </td>
80-
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27222">CVE-2020-27222</a>
81-
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a>
82-
</td>
102+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
83103
<td> dependency (californium/scandium) </td>
84-
<td> DTLS with x509 and/or RPK </td>
104+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
85105
</tr>
86106
<tr>
87-
<td> 1.0.0 -> 1.0.2 </td>
88-
<td> :x: </td>
89-
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a> </td>
90-
<td> dependency (californium/scandium) </td>
91-
<td> DTLS with x509 and/or RPK </td>
107+
<td rowspan=2> 1.1.0 -> 1.3.1 </td>
108+
<td rowspan=2> :x: </td>
109+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
110+
<td> dependency (californium/scandium) </td>
111+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
112+
<tr>
113+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27222">CVE-2020-27222</a>
114+
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a>
115+
</td>
116+
<td> dependency (californium/scandium) </td>
117+
<td> DTLS with x509 and/or RPK </td>
118+
</tr>
119+
</tr>
120+
<tr>
121+
<td rowspan=2> 1.0.0 -> 1.0.2 </td>
122+
<td rowspan=2>:x: </td>
123+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2576">CVE-2022-2576</a> </td>
124+
<td> dependency (californium/scandium) </td>
125+
<td> DTLS_VERIFY_PEERS_ ON_RESUMPTION_THRESHOLD > 0 </td>
126+
<tr>
127+
<td> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34433">CVE-2021-34433</a> </td>
128+
<td> dependency (californium/scandium) </td>
129+
<td> DTLS with x509 and/or RPK </td>
130+
</tr>
92131
</tr>
93132
</tbody>
94133
</table>

0 commit comments

Comments
 (0)