Date: Sun, 13 Apr 2014 08:17:14 +0000 From: mancha <mancha1@...o.com> To: oss-security@...ts.openwall.com Subject: Re: Other instances of CVE-2014-0160 - mod_spdy from Google On Tue, Apr 08, 2014 at 09:59:33PM -0600, Kurt Seifried wrote: > So it appears there are projects that statically compile OpenSSL into > their software, one example: > > I have to assume there are more. So if you know of any please post > them to OSS-Security (and Full-Disclosure) so people can find out (and > hopefully all the security scanners/etc. add them to their checks). Three more for the list: NoMachine https://www.nomachine.com/forums/forums/topic/openssl-security-vulnerability VMware http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=2076225 FileMaker http://help.filemaker.com/app/answers/detail/a_id/13384 --mancha Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ