openssl.org] *On
> Behalf Of *Ethan Rahn
> *Sent:* Thursday, January 26, 2017 10:40 AM
> *To:* openssl-users@openssl.org
> *Subject:* [openssl-users] Should openssl publish the commit #'s that
> fixed each CVE?
>
>
>
> Hello,
>
>
>
> When looking a the la
The CVE itself contains the commit info. Find it at cve.mitre.org
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Ethan Rahn
Sent: Thursday, January 26, 2017 10:40 AM
To: openssl-users@openssl.org
Subject: [openssl-users] Should openssl publish the commit #'s
Hello,
When looking a the latest security announcement, something that I notice is
that it's hard to find the actual commits that fixed an issue. If you
search git.openssl.org you can find some of them if they are mentioned in
the change message, but it still requires some active effort.
Would it
