Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Apr 2014 12:01:47 -0600
From: "Vincent Danen" <vdanen@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Other instances of CVE-2014-0160 - mod_spdy from
 Google

On 04/09/2014, at 0:00 AM, Arrigo Triulzi wrote:

> On Apr 9, 2014, at 05:59, Kurt Seifried <kseifried@...hat.com> wrote:
>> So it appears there are projects that statically compile OpenSSL into
>> their software, one example:
>
> Note that OpenVPN has also advertised on Twitter that they too have released a new version with a patch for Heartbleed. Most architectures ship with OpenVPN dynamically linked but they do distribute with their own private copy.

LibreOffice as well, but only if you get their binaries apparently:

http://www.libreoffice.org/about-us/security/advisories/cve-2014-0160/

-- 
Vincent Danen / Red Hat Security Response Team
[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ