Berin,
Unfortunately i dont have my list of fixes
available to me at the moment.. im away at the moment. As soon as i get
back to work i will take a closer look.
However I have just taken a look at the
WinCAPICryptoKeyDSA.cpp from the html CVS interface and i see there is at
least one fix missing
Inside bool
WinCAPICryptoKeyDSA::verifyBase64Signature()
A tempory hask key "h" is created and not
destroyed
BOOL fResult;
HCRYPTHASH h;
fResult = CryptCreateHash(m_p,
CALG_SHA1,
0,
0,
&h);
HCRYPTHASH h;
fResult = CryptCreateHash(m_p,
CALG_SHA1,
0,
0,
&h);
This one needs destroying... i am afraid
!
Steve
PS...
There was a list of these problems i reported to
the mailing list, i dont think i sent them to the bugzilla.. sorry!
The mailing thread was entitled
They are described in http://news.gmane.org/gmane.text.xml.security.devel
----- Original Message -----
From: "Berin Lautenbach" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Thursday, January 19, 2006 8:26
AM
Subject: Re: [VOTE] Werner as juice
committer
>
> +1
>
> Cheers,
> Berin
>
>
> Davanum Srinivas wrote:
>> As part of reviving juice, can we please VOTE werner as a committer to
>> enable him to continue his offline work? [1]
>>
>> Here's my +1.
>>
>> thanks,
>> dims
>>
>> [1] : http://www.nabble.com/Status-of-my-upgrades-and-so-on-t945224.html
>>
>> --
>> Davanum Srinivas : http://wso2.com/blogs/
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>>
>
>
>
> ---
> avast! Antivirus: Inbound message clean.
> Virus Database (VPS): 0603-3, 18/01/2006
> Tested on: 20/01/2006 11:50:44
> avast! - copyright (c) 1988-2005 ALWIL Software.
> http://www.avast.com
>
>
>
