OpenSSL and detecting whether bugs have been patched

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: OpenSSL and detecting whether bugs have been patched
From: rsalz@xxxxxxxxxx (Salz, Rich)
Date: Thu, 5 Mar 2015 12:23:41 +0000
In-reply-to: <8B1ED467-BD6B-4FB6-8553-FC5D16DA64BC@sharp.fm>
References: <8B1ED467-BD6B-4FB6-8553-FC5D16DA64BC@sharp.fm>

> if (!openssl_is_patched("CVE-2014-0160?)) {
>    complain_vociferously();
> }

That's an interesting idea.  Of course the CVE list would grow, so perhaps arrays of ints are better
	Int OPENSSL_cve_fixed(int year, int vuln);;

?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- OpenSSL and detecting whether bugs have been patched
  - From: Jason Woods

References:
- OpenSSL and detecting whether bugs have been patched
  - From: Graham Leggett

Prev by Date: Fw: Openssl upgrade
Next by Date: Is Pre-1.0.1k Client in FIPS Mode Vulnerable To CVE-2015-0204 (RSA silently downgrades to EXPORT_RSA)?
Previous by thread: OpenSSL and detecting whether bugs have been patched
Next by thread: OpenSSL and detecting whether bugs have been patched
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux