subject:"\[arch\-dev\-public\] \[signoff\] openssl 1.0.0a\-3"

Re: [arch-dev-public] [signoff] openssl 1.0.0a-3

2010-08-11 Thread Allan McRae

On 11/08/10 02:22, Ionuț Bîru wrote: On 08/10/2010 02:08 PM, Pierre Schmitz wrote: Hello, there was a double free issue discovered in openssl. This might be used for remote code injection/execution. See http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0085.html or http://www.heise.

Re: [arch-dev-public] [signoff] openssl 1.0.0a-3

2010-08-10 Thread Ionuț Bîru

On 08/10/2010 02:08 PM, Pierre Schmitz wrote: Hello, there was a double free issue discovered in openssl. This might be used for remote code injection/execution. See http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0085.html or http://www.heise.de/security/meldung/Schwachstelle-in-O

[arch-dev-public] [signoff] openssl 1.0.0a-3

2010-08-10 Thread Pierre Schmitz

Hello, there was a double free issue discovered in openssl. This might be used for remote code injection/execution. See http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0085.html or http://www.heise.de/security/meldung/Schwachstelle-in-OpenSSL-1-0-x-1053085.html I have applied the pr