Date: Tue, 8 Dec 2020 20:01:14 +0100 From: yersinia <yersinia.spiros@...il.com> To: oss-security@...ts.openwall.com Subject: Bugs found by Cryptofuzz - some missing CVEs or too low impact for CVE? At this link, multiple security bugs of various kinds are highlighted in very widespread basic cryptographic applications, which have then been corrected. I haven't done a deep analysis on all of them but I haven't found any associated CVEs of some of them. Do I have to assume that they weren't all that important or that the process of reporting them was missing? Thanks https://github.com/guidovranken/cryptofuzz
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.