Errata overview
Errata ID 373
Date 2018-05-08
Source package erlang
Fixed in version 1:17.3-dfsg-4+deb8u2
This update addresses the following issue:
* The Erlang otp TLS server answers with different TLS alerts to different
  error types in the RSA PKCS #1 1.5 padding. This allows an attacker to
  decrypt content or sign messages with the server's private key (this is a
  variation of the Bleichenbacher attack). (CVE-2017-1000385)
Additional notes
CVE ID CVE-2017-1000385
UCS Bug number #46115