Thanks Matt for a prompt response. On Mon, Mar 23, 2015 at 4:25 PM, Matt Caswell <matt at openssl.org> wrote: > > > On 23/03/15 10:50, Jaya Nageswar wrote: > > Hi All, > > > > As per openssl advisory http://www.openssl.org/news/secadv_20150319.txt, > > the vulnerability CVE-2015-0292 is fixed in 0.9.8 za. Is this correct or > > typo? > > It is correct. As the advisory states this is a historic bug that was > fixed in previous versions but had not appeared in a security advisory > until now. > > > Can some one point me to the code changes related to this fix on > > gib hub. I really could not find the code changes related to the commit > > 9febee0272 (0.9.8) as per the advisory. > > > > https://github.com/openssl/openssl/commit/9febee0272 > > Matt > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150323/8374ef4d/attachment.html>
