Re: GnuTLS and libtasn1 security fixes

[Kristian Fiskerstrand <kristian.fiskerstrand () sumptuouscapital com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 05/30/2014 10:31 AM, Tomas Hoger wrote:
> Hi!
>
> New GnuTLS and libtasn1 versions fix few issues you might be
> interested to look at:

Thanks Thomas.

Based on your research of this issue can you comment anything on
whether CVE-2014-3466 affects the 2.x series as well? It seems like at
least CVE-2014-3465 is 3.x series only.

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Testis unus, testis nullus
A single witness is no witness
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTi4GiAAoJEPw7F94F4Tagv/MP/ji+/N+rUGV89E41CHCRrBXx
8GGgGJ60qKGwoJxtpsbgZ9QHKUFBCfPVRAm8BRbWgmJ6lA80Gy4bzXKKxS80vvtO
Q1URG+EQFgy+lSK3iaYY1b8AH9RTVfIlKwXmUoWASnEOlVej+Lt2q2K187OsSj/I
d3iGR5WOXVl08ui0ScONtsczxZNjRmN9yKmUnt6wHfkazoQRNCv4cCU6vsSI9T9c
97LP2bR4aX1ryCwQzraVC9Ne4Q0nbpqah5fJ26ak8cre1Zzi4prVpwoBRslmsPgf
HqGuvv6iVUgIlpmC1KLa/B4jAQ9PdDpK918olgIprFyYudrHrzfy+f9Q4x1bu83l
qnm4PXsbMmek2DOr+lmMuwxWYTnRAVVH9Hzcp1QDwow7X8hWmJQc0GomlhsT73r0
HuBRSQNmSpkK7/0St7h/2RrdgQzULj06N0BqChO3OLp4TQrMrlclseqotQ6nNZ6t
B0F/iY9U2vtAvgMNyXmz3zuhs1z3qAEosJTxHW8sq5s4sTf4dOltbfZC8Opn1X6d
4QyHJg8og9oLDyH9H4Exy14VUis+kts2i3DUNG7L+SAI3Hd71cWAhetmaKi/elW3
GAdro8sv0LhrhvhahwyHF6BHbnI+Jpn6+8zzxnLHUGHaooqp1icQWTyn8PbnVXrO
IFHs07jwQ2m5W35zHWeP
=u100
-----END PGP SIGNATURE-----