Candidate: CVE-2014-1921
PublicDate: 2014-02-14 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1921
 https://gaffer.ptitcanardnoir.org/intrigeri/files/parcimonie/App-Parcimonie-0.8.1.tar.gz
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738134
 http://www.debian.org/security/2014/dsa-2860
Description:
 parcimonie before 0.8.1, when using a large keyring, sleeps for the same
 amount of time between fetches, which allows attackers to correlate key
 fetches via unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738134
Priority: low
Discovered-by: Holger Levsen
Assigned-to:
CVSS: 

Patches_parcimonie:
upstream_parcimonie: released (0.8.1-1)
lucid_parcimonie: DNE
precise_parcimonie: ignored (reached end-of-life)
precise/esm_parcimonie: DNE (precise was needed)
quantal_parcimonie: ignored (reached end-of-life)
saucy_parcimonie: ignored (reached end-of-life)
trusty_parcimonie: ignored (reached end-of-life)
trusty/esm_parcimonie: DNE (trusty was needed)
utopic_parcimonie: not-affected (0.8.2-1)
vivid_parcimonie: not-affected (0.8.2-1)
vivid/stable-phone-overlay_parcimonie: DNE
vivid/ubuntu-core_parcimonie: DNE
wily_parcimonie: not-affected (0.8.2-1)
xenial_parcimonie: not-affected (0.8.2-1)
yakkety_parcimonie: not-affected (0.8.2-1)
zesty_parcimonie: not-affected (0.8.2-1)
artful_parcimonie: not-affected (0.8.2-1)
bionic_parcimonie: not-affected (0.8.2-1)
cosmic_parcimonie: not-affected (0.8.2-1)
disco_parcimonie: not-affected (0.8.2-1)
devel_parcimonie: not-affected (0.8.2-1)