Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 3 Jun 2014 13:21:21 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: GnuTLS and libtasn1 security fixes

On Sun, 01 Jun 2014 21:40:18 +0200 Kristian Fiskerstrand wrote:

> Based on your research of this issue can you comment anything on
> whether CVE-2014-3466 affects the 2.x series as well?

AFAICS, the issue was introduced in 2000.  GnuTLS 1.0.0 seems to be
from 2003.

-- 
Tomas Hoger / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ