Nmap Development mailing list archives
Re: [nmap-svn] r32790 - in nmap-mswin32-aux/OpenSSL: bin include/openssl lib lib/engines
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 07 Apr 2014 15:50:56 -0500
On 04/07/2014 03:19 PM, Daniel Miller wrote:
On 04/06/2014 04:46 AM, commit-mailer () nmap org wrote:Great! Unfortunately, this hit today: https://www.openssl.org/news/secadv_20140407.txtAuthor: robert Date: Sun Apr 6 09:46:12 2014 New Revision: 32790 Log: Upgraded the included OpenSSL on Windows to version 1.0.1f.Memory leak through the TLS Heartbeat extension. Probably not a big deal for our users, but the advisory *does* say it affects clients. Any idea how quick an upgrade or the -DOPENSSL_NO_HEARTBEATS workaround would take?Also, anyone want to tackle an exploit script for this? :) Dan
Wow, that was fast. Fixed in r32792. Thanks Rob! Dan _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r32790 - in nmap-mswin32-aux/OpenSSL: bin include/openssl lib lib/engines Daniel Miller (Apr 07)
- Re: [nmap-svn] r32790 - in nmap-mswin32-aux/OpenSSL: bin include/openssl lib lib/engines Daniel Miller (Apr 07)