Hi, I am a bit surprised with the following assertion concerning CVE-2016-0798 : (Memory leak in SRP database lookups) "This issue was discovered on February 23rd 2016..."
My opinion is that this issue is known at least since I reported it to you (first in march 2015 !) : https://mta.openssl.org/pipermail/openssl-dev/2015-March/001015.html https://mta.openssl.org/pipermail/openssl-bugs-mod/2015-December/000279.html This is s a further demonstration that I still have to improve my english ! ;-) Regards, Michel. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
