CVE-1999-0428
Quanah Gibson-Mount
quanah at symas.com
Tue Mar 3 23:23:36 UTC 2020
--On Tuesday, March 3, 2020 5:16 PM -0500 Chris Rhoads
<crhoads at identify3d.com> wrote:
> But I've been unable to determine with certainty how the last
> vulnerability on this list (CVE-1999-0428) was fixed. In my research,
> I've found a potential OpenSSL update in release 0.9.2b that may have
> addressed the vulnerability: https://seclists.org/bugtraq/1999/Mar/144.
> But this security alert message doesn't reference any CVE number.
The above email is related to this commit in the OpenSSL source tree:
b4cadc6e1343c01b06613053a90ed2ee85e65090
Since it pre-dates the CVE being filed, it has no reference to the CVE
itself in the commit. Someone from the OpenSSL project would have to
confirm if that is indeed the fix for the above CVE (and if so, then the
CVE database needs updating).
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
More information about the openssl-users
mailing list