Date: Thu, 7 Oct 2010 19:51:33 -0600 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Subject: qpidd SSL connection DoS (CVE-2010-3083) Just a heads up for anyone that ships qpid. About a year and a half ago a blocking condition was found with SSL connections to qpidd, but I don't think upstream really thought about the security implications. It was fixed upstream in July 2009. The details are in our bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3083 -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.