On Sat, Jan 10, 2015 at 12:18 PM, Ivan Jelincic wrote:
> Is openssl1.0.1j unaffected?
Yes. It concerns CVE-2014-8275.
Which in https://www.openssl.org/news/openssl-1.0.1-notes.html is under:
Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
Wladimir
Is openssl1.0.1j unaffected?
On 01/10/2015 09:35 AM, Wladimir wrote:
> On Sat, Jan 10, 2015 at 4:26 AM, Gregory Maxwell wrote:
>> https://github.com/bitcoin/bitcoin/commit/488ed32f2ada1d1dd108fc245d025c4d5f252783
>> (versions of this will be backported to other stable branches soon)
> For those t
On Sat, Jan 10, 2015 at 4:26 AM, Gregory Maxwell wrote:
> https://github.com/bitcoin/bitcoin/commit/488ed32f2ada1d1dd108fc245d025c4d5f252783
> (versions of this will be backported to other stable branches soon)
For those that build from source, patches to cope with the new OpenSSL
versions are no
On Sat, Jan 10, 2015 at 04:26:23AM +, Gregory Maxwell wrote:
> The incompatibility is due to the OpenSSL update changing the
> behavior of ECDSA validation to reject any signature which is
> not encoded in a very rigid manner. This was a result of
> OpenSSL's change for CVE-2014-8275 "Certific
OpenSSL 1.0.0p / 1.0.1k was recently released and is being
pushed out by various operating system maintainers. My review
determined that this update is incompatible with the Bitcoin
system and could lead to consensus forks.
Bitcoin Core released binaries from Bitcoin.org are unaffected,
as are an
5 matches
Mail list logo
