Thanks! I did the same grep, but wasnt sure whether or not that particular
function (SSL_get_shared_ciphers) got called by another function in OpenSSL
which was originally called by some of the big apps like sendmail,apache
and sshd
When I last researched this when the first problem with
At 05:43 PM 9/28/2007, Stefan Esser wrote:
I did not see any commits to the OpenSSL code, recently; is anybody
going to commit the fix?
See http://www.securityfocus.com/archive/1/480855/30/0 for details ...
How serious is this particular issue ? Is it easily exploitable, or
difficult to do ?
Stefan Esser wrote:
I did not see any commits to the OpenSSL code, recently; is anybody
going to commit the fix?
See http://www.securityfocus.com/archive/1/480855/30/0 for details ...
Regards, STefan
Hello Stefan,
We are aware of the situation and have this on our todo list.
Thanks,
I did not see any commits to the OpenSSL code, recently; is anybody
going to commit the fix?
See http://www.securityfocus.com/archive/1/480855/30/0 for details ...
Regards, STefan
___
freebsd-security@freebsd.org mailing list