Date: Thu, 7 Oct 2010 19:51:33 -0600 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Subject: qpidd SSL connection DoS (CVE-2010-3083) Just a heads up for anyone that ships qpid. About a year and a half ago a blocking condition was found with SSL connections to qpidd, but I don't think upstream really thought about the security implications. It was fixed upstream in July 2009. The details are in our bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3083 -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ