Re: Re: CVE Request: OpenSSL NULL pointer dereference in do_ssl3_write

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Just to confirm what Mitre said, also in general the only time I will
be assigning CVE's on oss-security in the future is for anything time
sensitive, the main reason I did CVE-2014-0198 was also due to the
potential for a blow up (since you know, the week before we'd had a
full on OpenSSL fire drill). One thing  I will ensure in future is to
CC cve-assign@ to minimize the chanc of a duplicate.

Also as usual if you want to make a private request information on how
to do so is available here:

http://people.redhat.com/kseifrie/CVE-OpenSource-Request-HOWTO.html

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTa+XYAAoJEBYNRVNeJnmTH+wQAL3BStUXwH7NJK3VZJ8oD1Dn
vHOLjYE94iz+5EfqDDddkVQDIKIJIc4wipr0qRStYExcLWIknZaPDFGHMTeJ8Uhi
WnsP/EFPbtmvgejz6ShNI61TdGAoKLzqirG1dvETgW4pIh16y+5wLcqY9YvA8LEj
5AODKOrDaHcRzrHIkLzlw1h+UBbHeoZn4FflL9HpAPpj+VUuKBrS939ZkAKN9pP2
KkPPWoAlwjhNp5cv18++Uuon+Tq6NGCHUFmBeldSKOkzmngY6Ye9ZWzRwNPfNo4x
fC3FL80X+foM4BEhAzzFh/jagSQRRNZRkAnFZpFrQpnihMaMISFkhBLl8jwyeOHB
XAnL+gvaI77D00MVspeE62ePz9kbLfWlKstsBl250Um7qivTcOMhjTiT+3F33kMV
qRp5vK2yfx8goakVEgJIAjgh0mGhZYC2k1Mvj/MFF5kxC7nk4mtaxagqMD1GG+Vh
1Ztd+ERZJ09jJ40gkhuW3uutvimy2TDvXmOBp9goYK3j+cOR9eMQeXs6KtN+Es1m
mrbcwBtgcqRd0ZAsGMTHBhBTZQs5wiguQBBF5aIqobl2zL3nSos3iCKs0U+4uQ1q
VbOzuORuZUTYuU8Sp0/+7Hr3ZdyoT3ljZSbbtWzx0dRxfGTuMtc4uQyKOM17QZ4N
6XPFH79m5O5eFmebl4el
=OJo4
-----END PGP SIGNATURE-----