[openssl-dev] CVE-2016-2177
Salz, Rich
rsalz at akamai.com
Tue Jun 28 15:22:52 UTC 2016
>Will you be releasing 1.0.2i soon to address this issue?
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177
Please see https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
Short answer: this is a LOW issue, and does not justify a release by itself.
--
Senior Architect, Akamai Technologies
IM: richsalz at jabber.at Twitter: RichSalz
More information about the openssl-dev
mailing list