Date: Sat, 26 Dec 2015 07:28:52 +0000 From: Sevan Janiyan <venture37@...klan.co.uk> To: oss-security@...ts.openwall.com Subject: Being vulnerable to POODLE Hi, If you have a piece of software which is vulnerable to POODLE, should a CVE be requested for it or should CVE-2014-3566 just be referenced in any advisories published? It turns out that CoovaChilli is vulnerable to POODLE & I'd like to follow the correct procedure regarding disclosure. There's a fix pending due to needing further testing at which point an advisory will be published with the necessary details. Regards, Sevan  http://coova.github.io/CoovaChilli/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ