On 09/06/2011 20:43, Andreas Probst wrote: > Hi community, > > I found an email about VeraCode having found issues in OpenSSL (see > http://www.mail-archive.com/openssl-dev@openssl.org/msg25491.html). > > Have there been follow-up activities? Did someone review or address > the VeraCode results?
IIRC, the "vulnerabilities" they found was (were?) an untriaged list of static code analysis output. As usual, mostly false positives. -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org