Remove trailing spaces in file docs/source/security/2016/20160301_openssl.rst

2025-10-31 03:12:30 +00:00 · 2017-12-31 23:59:59 +00:00
parent 09bba64b00
commit b31bedbe7f
1 changed files with 16 additions and 16 deletions
--- a/docs/source/security/2016/20160301_openssl.rst
+++ b/docs/source/security/2016/20160301_openssl.rst
@@ -8,61 +8,61 @@ Advisory CVEs

 * CVE-2016-0800 - **Cross-protocol attack on TLS using SSLv2 (DROWN)**  (Severity:High)

-  This issue affects OpenSSL versions 1.0.1 and 1.0.2.  
-  
-  OpenSSL 1.0.2 users should upgrade to 1.0.2g  
+  This issue affects OpenSSL versions 1.0.1 and 1.0.2.
+
+  OpenSSL 1.0.2 users should upgrade to 1.0.2g
  OpenSSL 1.0.1 users should upgrade to 1.0.1s

 * CVE-2016-0705 - **Double-free in DSA code** (Severity:Low)

  This issue affects OpenSSL versions 1.0.2 and 1.0.1.

-  OpenSSL 1.0.2 users should upgrade to 1.0.2g  
+  OpenSSL 1.0.2 users should upgrade to 1.0.2g
  OpenSSL 1.0.1 users should upgrade to 1.0.1s

 * CVE-2016-0798  - **Memory leak in SRP database lookups** (Severity:Low)
- 
+
  This issue affects OpenSSL versions 1.0.2 and 1.0.1.

-  OpenSSL 1.0.2 users should upgrade to 1.0.2g  
+  OpenSSL 1.0.2 users should upgrade to 1.0.2g
  OpenSSL 1.0.1 users should upgrade to 1.0.1s

 * CVE-2016-0797  - **BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption** (Severity:Low)
- 
+
  This issue affects OpenSSL versions 1.0.2 and 1.0.1.

-  OpenSSL 1.0.2 users should upgrade to 1.0.2g  
+  OpenSSL 1.0.2 users should upgrade to 1.0.2g
  OpenSSL 1.0.1 users should upgrade to 1.0.1s


 * CVE-2016-0797  - **Fix memory issues in BIO_*printf functions** (Severity:Low)
- 
+
  This issue affects OpenSSL versions 1.0.2 and 1.0.1.

-  OpenSSL 1.0.2 users should upgrade to 1.0.2g  
+  OpenSSL 1.0.2 users should upgrade to 1.0.2g
  OpenSSL 1.0.1 users should upgrade to 1.0.1s


 * CVE-2016-0702  - **Side channel attack on modular exponentiation** (Severity:Low)
- 
+
  This issue affects OpenSSL versions 1.0.2 and 1.0.1.

-  OpenSSL 1.0.2 users should upgrade to 1.0.2g  
+  OpenSSL 1.0.2 users should upgrade to 1.0.2g
  OpenSSL 1.0.1 users should upgrade to 1.0.1s

 * CVE-2016-0703  - **Divide-and-conquer session key recovery in SSLv2** (Severity:High)
- 
+
  This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions.  It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf

 * CVE-2016-0704  - **Bleichenbacher oracle in SSLv2** (Severity:Moderate)
- 
+
  This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions.  It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf


 Action
 ------

-xCAT uses OpenSSL for client-server communication but **does not** ship it.  Regarding CVE-2016-0800, xCAT also does not use SSLv2 layer but uses the newer TLS transport layer security.  
+xCAT uses OpenSSL for client-server communication but **does not** ship it.  Regarding CVE-2016-0800, xCAT also does not use SSLv2 layer but uses the newer TLS transport layer security.

-It is recommended to keep your OpenSSL levels up-to-date with the indicated versions in the security bulletins to prevent any potential security threats. 
+It is recommended to keep your OpenSSL levels up-to-date with the indicated versions in the security bulletins to prevent any potential security threats.