oss-sec mailing list archives
Re: Other instances of CVE-2014-0160 - mod_spdy from Google
From: "Vincent Danen" <vdanen () redhat com>
Date: Fri, 11 Apr 2014 12:01:47 -0600
On 04/09/2014, at 0:00 AM, Arrigo Triulzi wrote:
On Apr 9, 2014, at 05:59, Kurt Seifried <kseifried () redhat com> wrote:So it appears there are projects that statically compile OpenSSL into their software, one example:Note that OpenVPN has also advertised on Twitter that they too have released a new version with a patch for Heartbleed. Most architectures ship with OpenVPN dynamically linked but they do distribute with their own private copy.
LibreOffice as well, but only if you get their binaries apparently: http://www.libreoffice.org/about-us/security/advisories/cve-2014-0160/ -- Vincent Danen / Red Hat Security Response Team
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Other instances of CVE-2014-0160 - mod_spdy from Google Kurt Seifried (Apr 08)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google Alan Coopersmith (Apr 08)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google Kurt Seifried (Apr 08)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google mancha (Apr 08)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google Arrigo Triulzi (Apr 09)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google Vincent Danen (Apr 11)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google Carlos Alberto Lopez Perez (Apr 11)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google mancha (Apr 13)
- Re: Other instances of CVE-2014-0160 - mod_spdy from Google Alan Coopersmith (Apr 08)