Full Disclosure mailing list archives

Re: More OpenSSL issues

From: P Vixie <paul () redbarn org>
Date: Fri, 06 Jun 2014 00:35:17 -0700

This does not appear to be the same panic level as the previous patch. In other words the previous openssl vuln was 
worse than the instability of all-night patching. This one is not. Take time to roll out right.

On June 5, 2014 7:51:50 AM PDT, Jordan Urie <jordan () uptech ca> wrote:

Ladies and Gentlemen,

https://www.openssl.org/news/secadv_20140605.txt

There's an MITM in there, and a potential for buffer over-runs.

Patch up :-)


Jordan

--

Jordan R. Urie

UP Technology Consulting, Inc.
1129 - 177A St. SW
Edmonton, AB  T6W 2A1
Phone: (780) 809-0932

www.uptech.ca

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/


-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

More OpenSSL issues Jordan Urie (Jun 05)
- Re: More OpenSSL issues Brandon Vincent (Jun 05)
- Re: More OpenSSL issues P Vixie (Jun 06)
  - Re: More OpenSSL issues Craig Young (Jun 07)