[openssl-dev] [openssl-users] OpenSSL Security Advisory
Michel
michel.sales at free.fr
Tue Mar 1 21:06:13 UTC 2016
Hi,
I am a bit surprised with the following assertion concerning CVE-2016-0798 :
(Memory leak in SRP database lookups)
"This issue was discovered on February 23rd 2016..."
My opinion is that this issue is known at least since I reported it to you
(first in march 2015 !) :
https://mta.openssl.org/pipermail/openssl-dev/2015-March/001015.html
https://mta.openssl.org/pipermail/openssl-bugs-mod/2015-December/000279.html
This is s a further demonstration that I still have to improve my english !
;-)
Regards,
Michel.
More information about the openssl-dev
mailing list