Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
From: rsalz@xxxxxxxxxx (Salz, Rich)
Date: Fri, 30 Jan 2015 21:46:46 +0000
In-reply-to: <54CBF51B.2000501@artisanlogiciel.net>
References: <54CBF51B.2000501@artisanlogiciel.net>

> So it look like only direct use of BIO_gethostbyname can cause issues and
> openssl does not rely on obsolete gethostbyname if it can use alternate
> getaddrinfo.
> 
> I would be happy to receive any comment on that.


Okay:  I agree with your review...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
  - From: Viktor Dukhovni

References:
- Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
  - From: pl

Prev by Date: Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
Next by Date: Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
Previous by thread: Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
Next by thread: Is openssl a vector of exploit for Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname ?
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux