On 19/09/2019 07:47, Manish Patidar wrote: > Hi > This vulnerability is fixed based on pid of process. Currently we are geting pid > only where pthread is enabled, does it mean that this vulnerability does not > impact to other environment like Windows etc.? CVE-2019-1559 has nothing to do with pids. It is a padding oracle that can occur if 0 byte records are received. Perhaps you meant CVE-2019-1549? This is related to how we reseed the random number generator in the event of a "fork". Since windows lacks the capability to do fork it is not a problem on that platform. Matt
