oss-sec mailing list archives

Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 9 Dec 2010 07:47:16 -0500 (EST)

My fault. Use CVE-2010-4334. I made the mistake of searching for "perl"instead of "SSL" through oss-security subject lines...


- Steve


On Thu, 9 Dec 2010, Ludwig Nussel wrote:

Josh Bressers wrote:

----- "Raphael Geissert" <geissert () debian org> wrote:

IO::Socket::SSL: unexpected fallback to VERIFY_NONE if certificate
file(s)
are not specified.
http://bugs.debian.org/606058
http://secunia.com/advisories/42508/


CVE-2010-4334


There's a duplicate: CVE-2010-4501

cu
Ludwig

--
(o_   Ludwig Nussel
//\
V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Current thread:

CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Raphael Geissert (Dec 06)
- Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Josh Bressers (Dec 07)
  - Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Ludwig Nussel (Dec 09)
    - Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Steven M. Christey (Dec 09)