oss-sec mailing list archives

Re: Forthcoming OpenSSL Releases

From: Bob Beck <bbe () chromium org>
Date: Mon, 31 Oct 2022 10:34:48 -0600

On Mon, Oct 31, 2022 at 10:31 AM Bob Beck <beck () obtuse com> wrote:



Begin forwarded message:

*From: *Demi Marie Obenour <demi () invisiblethingslab com>
*Subject: **Re: [oss-security] Forthcoming OpenSSL Releases*
*Date: *October 29, 2022 at 2:19:41 PM MDT
*To: *oss-security () lists openwall com, Roxana Bradescu <
roxabee () chromium org>
*Cc: *libressl-security () openbsd org

On Sat, Oct 29, 2022 at 08:43:08AM -0400, Bob Beck wrote:

Libressl is not vulnerable to the upcoming issue.


Is the same true for BoringSSL?
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab

BoringSSL is not based on OpenSSL 3.0, so it is not affected.

Current thread:

Forthcoming OpenSSL Releases Ing. Martin Koci, MBA (Oct 25)
- Re: Forthcoming OpenSSL Releases Shawn Webb (Oct 26)
  - Re: Forthcoming OpenSSL Releases Christian Heinrich (Oct 30)
- Re: Forthcoming OpenSSL Releases Georgi Guninski (Oct 27)
  - Re: Forthcoming OpenSSL Releases Roxana Bradescu (Oct 28)
    - Re: Forthcoming OpenSSL Releases Bob Beck (Oct 29)
    - Re: Forthcoming OpenSSL Releases Demi Marie Obenour (Oct 29)
    - Message not available
    - Re: Forthcoming OpenSSL Releases Bob Beck (Oct 31)