Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 17 Apr 2014 14:13:11 +0200
From: Raphael Geissert <>
To: Open Source Security <>,
Subject: CVE ids for CyaSSL 2.9.4?


[CC'ing Ivan Fratric and one of the many @wolfssl addresses I found]

CyaSSL 2.9.4 fixes a number of security issues.

>From [3]:
> Issue #1 (Memory  Corruption)
> Issue #2 (Out of bounds read)
> Issue #3 (Dangerous Default Behavior, out of bounds read)
> Issue #4 (NULL pointer dereference)
> Issue #5 (Unknown Critical Certificate Extension Allowed)

Have CVE ids been assigned already? if not, could they be assigned?

Thanks in advance.


Raphael Geissert - Debian Developer -

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ