oss-sec mailing list archives

Re: FreeBSD Security Advisory FreeBSD-SA-13:10.sctp

From: Dag-Erling Smørgrav <des () des no>
Date: Thu, 22 Aug 2013 13:42:48 +0200

Huzaifa Sidhpurwala <huzaifas () redhat com> writes:

Dag-Erling Smørgrav <des () des no> writes:

This also affects third-party software (Firefox, at the very least)
that incorporates FreeBSD's SCTP implementation.

Are you sure about this?


Allow me to amend my statement: this *may* also affect third-party
software that incorporates our SCTP implementation, including Mozilla
Firefox and Google Chrome.  I can neither confirm nor deny that they are
actually vulnerable; all I can say is that a) I have it on good
authority that they use the same code (JFGI!) and b) they were notified
in advance.

DES
-- 
Dag-Erling Smørgrav - des () des no

Current thread:

FreeBSD Security Advisory FreeBSD-SA-13:10.sctp FreeBSD Security Advisories (Aug 21)
- Re: FreeBSD Security Advisory FreeBSD-SA-13:10.sctp Dag-Erling Smørgrav (Aug 22)
  - Re: FreeBSD Security Advisory FreeBSD-SA-13:10.sctp Huzaifa Sidhpurwala (Aug 22)
    - Re: FreeBSD Security Advisory FreeBSD-SA-13:10.sctp Dag-Erling Smørgrav (Aug 22)