[openssl-users] Need help on CVE-2015-0292
Jaya Nageswar
jaya.nageswar at gmail.com
Mon Mar 23 18:19:26 UTC 2015
Thanks Matt for a prompt response.
On Mon, Mar 23, 2015 at 4:25 PM, Matt Caswell <matt at openssl.org> wrote:
>
>
> On 23/03/15 10:50, Jaya Nageswar wrote:
> > Hi All,
> >
> > As per openssl advisory http://www.openssl.org/news/secadv_20150319.txt,
> > the vulnerability CVE-2015-0292 is fixed in 0.9.8 za. Is this correct or
> > typo?
>
> It is correct. As the advisory states this is a historic bug that was
> fixed in previous versions but had not appeared in a security advisory
> until now.
>
> > Can some one point me to the code changes related to this fix on
> > gib hub. I really could not find the code changes related to the commit
> > 9febee0272 (0.9.8) as per the advisory.
> >
>
> https://github.com/openssl/openssl/commit/9febee0272
>
> Matt
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150323/8374ef4d/attachment.html>
More information about the openssl-users
mailing list