Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 9 Dec 2010 07:47:16 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: Ludwig Nussel <ludwig.nussel@...e.de>
cc: oss-security@...ts.openwall.com,
        "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE requests: IO::Socket::SSL, cakephp, collectd,
 gnash, ocrodjvu, hypermail, libcloud, piwigo


My fault.  Use CVE-2010-4334.  I made the mistake of searching for "perl" 
instead of "SSL" through oss-security subject lines...

- Steve


On Thu, 9 Dec 2010, Ludwig Nussel wrote:

> Josh Bressers wrote:
>> ----- "Raphael Geissert" <geissert@...ian.org> wrote:
>>> IO::Socket::SSL: unexpected fallback to VERIFY_NONE if certificate
>>> file(s)
>>> are not specified.
>>> http://bugs.debian.org/606058
>>> http://secunia.com/advisories/42508/
>>
>> CVE-2010-4334
>
> There's a duplicate: CVE-2010-4501
>
> cu
> Ludwig
>
> -- 
> (o_   Ludwig Nussel
> //\
> V_/_  http://www.suse.de/
> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ