Re: CVE-2014-0160 CentOS 6 openssl heartbleed workaround

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Am 08.04.2014 um 23:08 schrieb Keith Keller <kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx>:
> On 2014-04-08, Robert Arkiletian <robark@xxxxxxxxx> wrote:
>> 
>> if you include libcrypto in the grep then sshd is affected.
> 
> That's unfortunate.  :(  Is the bug in libssl, libcrypto, or both?


looking inside - its seems that this issue (cve-2014-0160) is resolved
in ssl/d1_both.c and ssl/t1_lib.c and not in files under crypto/ ... 
to say more i have to take a look into the build process.

--
LF








	


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux