Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Jul 2014 21:01:27 +0100
From: Stuart Henderson <>
Subject: Re: Re: CVE request: libressl before 2.0.2 under
 linux PRNG failure

> >
> > forking a process can create repeated random numbers
> > Please assign CVE.
> The existence of a popular blog post discussing a number of
> interrelated LibreSSL and OpenSSL issues doesn't mean that we have a
> good way to proceed by assigning a single CVE ID.

I see a number of web pages relating to this issue are mentioning that
it has already been assigned CVE-2014-2970, can anyone throw light on this?

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.