Candidate: CVE-2010-0009
PublicDate: 2010-04-05 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0009
Description:
 Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain
 sensitive information by measuring the completion time of operations that
 verify (1) hashes or (2) passwords.
Ubuntu-Description:
Notes:
 jdstrand> backport is regression prone
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/couchdb/+bug/566522
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 

Patches_couchdb:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=898552
upstream_couchdb: released (0.10.2, 0.11.0)
dapper_couchdb: DNE
hardy_couchdb: DNE
intrepid_couchdb: needed (reached end-of-life)
jaunty_couchdb: ignored (reached end-of-life)
karmic_couchdb: ignored (reached end-of-life)
lucid_couchdb: ignored
maverick_couchdb: not-affected (1.0.1-0ubuntu1)
natty_couchdb: not-affected (1.0.1-0ubuntu1)
oneiric_couchdb: not-affected (1.0.1-0ubuntu1)
precise_couchdb: not-affected (1.0.1-0ubuntu1)
quantal_couchdb: not-affected (1.0.1-0ubuntu1)
devel_couchdb: not-affected (1.0.1-0ubuntu1)