Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 26 Dec 2015 07:28:52 +0000
From: Sevan Janiyan <venture37@...klan.co.uk>
To: oss-security@...ts.openwall.com
Subject: Being vulnerable to POODLE

Hi,
If you have a piece of software which is vulnerable to POODLE, should a
CVE be requested for it or should CVE-2014-3566 just be referenced in
any advisories published?

It turns out that CoovaChilli[1] is vulnerable to POODLE & I'd like to
follow the correct procedure regarding disclosure. There's a fix pending
due to needing further testing at which point an advisory will be
published with the necessary details.

Regards,


Sevan
[1] http://coova.github.io/CoovaChilli/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ