Re: Does Heartbleed count for the purposes of BR 4.9.1.1 point 11? ("proven or demonstrated method")

在 2019年5月27日星期一 UTC+8上午10:05:25，Matt Palmer写道： > On Sun, May 26, 2019 at 06:57:08PM -0700, Han Yuwei via dev-security-policy > wrote: > > If malloc() is correctly implemented, private keys are secure from > > Heartbleed. So > > I think it doesn't meet the criteria. > > Just to make sure I'm

Re: Does Heartbleed count for the purposes of BR 4.9.11 point 11? ("proven or demonstrated method")

On Monday, May 27, 2019, Matt Palmer via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On Mon, May 27, 2019 at 06:06:42AM +0300, Ryan Sleevi wrote: > > On Mon, May 27, 2019 at 4:34 AM Matt Palmer via dev-security-policy < > > dev-security-policy@lists.mozilla.org> wrote: >