Rainer Jung wrote:
On 22.03.2010 14:52, William A. Rowe Jr. wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
I agree there should be a release fixing (at least) CVE-2009-3555 (ssl
reneg). My tests were positive, but more eyes are very welcome.
Rainer,
XP SP2
Hi Gregg,
thanks for testing, see comments below.
On 24.03.2010 23:17, Gregg L. Smith wrote:
Rainer Jung wrote:
On 22.03.2010 14:52, William A. Rowe Jr. wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
I agree there should be a release fixing (at least)
On 3/24/2010 5:51 PM, Rainer Jung wrote:
The server only needs server initiated renegotiations.
As repeated several times, there are apparently micro SSL implementations
out there in the wild, e.g. cell phone browsers, who choose to renegotiate
and - seeing an alert that it is not supported,
On 25.03.2010 00:20, William A. Rowe Jr. wrote:
On 3/24/2010 5:51 PM, Rainer Jung wrote:
The server only needs server initiated renegotiations.
As repeated several times, there are apparently micro SSL implementations
out there in the wild, e.g. cell phone browsers, who choose to renegotiate
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we are at it, it just seems like a nice thing to do as we get closer
to some 2.3 beta and further from any more improvements to 2.0.
Opinions? Volunteers? If
On Mon, Mar 22, 2010 at 08:52:13AM -0500, William A. Rowe Jr. wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we are at it, it just seems like a nice thing to do as we get closer
to some 2.3 beta
On Mon, Mar 22, 2010 at 9:52 AM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we are at it, it just seems like a nice thing to do as we get closer
to some
On Mon, Mar 22, 2010 at 10:17 AM, Jeff Trawick traw...@gmail.com wrote:
On Mon, Mar 22, 2010 at 9:52 AM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we
On Mon, Mar 22, 2010 at 10:17:41AM -0400, Jeff Trawick wrote:
Does anyone feel a need to release APR and -Util first to resolve
CVE-2009-2412? I don't think it is so important personally, but it is
worth asking.
Would be nice to get both things done at once to avoid as much pressure for
On 22.03.2010 14:52, William A. Rowe Jr. wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we are at it, it just seems like a nice thing to do as we get closer
to some 2.3 beta and further from any more
On 3/22/2010 9:51 AM, Rainer Jung wrote:
On 22.03.2010 14:52, William A. Rowe Jr. wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we are at it, it just seems like a nice thing to do as we get closer
On Mar 22, 2010, at 6:52 AM, William A. Rowe Jr. wrote:
Wondering if we are comfortable tagging and releasing 2.0.64 in the
coming days? These security issues aught to be addressed, and while
we are at it, it just seems like a nice thing to do as we get closer
to some 2.3 beta and further
12 matches
Mail list logo
