On Mon, Feb 25, 2013 at 8:46 AM, Jeff King p...@peff.net wrote:
On Sun, Feb 24, 2013 at 11:01:50PM +0530, Zubin Mithra wrote:
There seems to be a security issue in the way git uses openssl for
certificate validation. Similar occurrences have been found and
documented in other open source
Hello,
There seems to be a security issue in the way git uses openssl for
certificate validation. Similar occurrences have been found and
documented in other open source projects, the research can be found at
[1].
-=]
- imap-send.c
Line 307
307 ret = SSL_connect(sock-ssl);
308 if
On 02/24/2013 06:31 PM, Zubin Mithra wrote:
Hello,
There seems to be a security issue in the way git uses openssl for
certificate validation. Similar occurrences have been found and
documented in other open source projects, the research can be found at
[1].
-=]
- imap-send.c
Hello,
On Mon, Feb 25, 2013 at 12:16 AM, Andreas Ericsson a...@op5.se wrote:
On 02/24/2013 06:31 PM, Zubin Mithra wrote:
Hello,
There seems to be a security issue in the way git uses openssl for
certificate validation. Similar occurrences have been found and
documented in other open source
On Sun, Feb 24, 2013 at 11:01:50PM +0530, Zubin Mithra wrote:
There seems to be a security issue in the way git uses openssl for
certificate validation. Similar occurrences have been found and
documented in other open source projects, the research can be found at
[1].
-=]
-
On Sun, Feb 24, 2013 at 07:46:51PM +0100, Andreas Ericsson wrote:
The lack of certificate authority verification presents no attack vector
for git imap-send. As such, it doesn't warrant a CVE. I'm sure you'll
be credited with a reported-by line in the commit message if someone
decides to fix
Jeff King p...@peff.net writes:
On Sun, Feb 24, 2013 at 07:46:51PM +0100, Andreas Ericsson wrote:
The lack of certificate authority verification presents no attack vector
for git imap-send. As such, it doesn't warrant a CVE. I'm sure you'll
be credited with a reported-by line in the commit
7 matches
Mail list logo