Re: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround

Leon Fauster Tue, 08 Apr 2014 14:59:36 -0700

Am 08.04.2014 um 23:08 schrieb Keith Keller 
<kkel...@wombat.san-francisco.ca.us>:
> On 2014-04-08, Robert Arkiletian <rob...@gmail.com> wrote:
>> 
>> if you include libcrypto in the grep then sshd is affected.
> 
> That's unfortunate.  :(  Is the bug in libssl, libcrypto, or both?



looking inside - its seems that this issue (cve-2014-0160) is resolved
in ssl/d1_both.c and ssl/t1_lib.c and not in files under crypto/ ... 
to say more i have to take a look into the build process.

--
LF








        


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround

Reply via email to