Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerabili

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerabili

From:	Jeff Cai
Subject:	Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability
Date:	Tue, 29 May 2007 19:56:09 +0800

Thanks Simon for your quick response.
I'll let you know if I can get more information about this vulnerability
of RSA BSAFE.

Jeff

On Tue, 2007-05-29 at 12:48 +0200, Simon Josefsson wrote:
> Jeff Cai <address@hidden> writes:
> 
> > Hi,
> > Maybe this is a very simple question. But because it concern security,
> > it becomes so important. 
> > Recently, someone found a security vulnerability of RSA BSAFE libraries
> > http://www.kb.cert.org/vuls/id/754281/ I don't know whether GNUTls uses
> > RSA algorithm or has similar problem.
> 
> GnuTLS doesn't use RSA BSAFE Crypto-C or Cert-C, so if it is a problem
> with those particular implementations, we are not affected.
> 
> There isn't sufficient technical information in the link you provide
> that I can use to tell if GnuTLS is affected by a similar bug though.
> 
> /Simon
--

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] About RSA BSAFE libraries denial of service vulnerability, Jeff Cai, 2007/05/29
- [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability, Jeff Cai, 2007/05/29
  - Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability, Simon Josefsson, 2007/05/29
    - Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability, Jeff Cai <=

Prev by Date: Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability
Next by Date: Re: [gnutls-dev] Porting bug fixes to 1.6.x
Previous by thread: Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability
Next by thread: [gnutls-dev] Starting Guile integration
Index(es):
- Date
- Thread