OpenSSL CVE-2016-2177, CVE-2016-2178

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OpenSSL CVE-2016-2177, CVE-2016-2178

From:	Leo Famulari
Subject:	OpenSSL CVE-2016-2177, CVE-2016-2178
Date:	Sat, 11 Jun 2016 21:22:01 -0400
User-agent:	Mutt/1.6.0 (2016-04-01)

Some bugs in OpenSSL were recently disclosed.

CVE-2016-2177
http://seclists.org/oss-sec/2016/q2/500

CVE-2016-2178
http://seclists.org/oss-sec/2016/q2/493

The second bug can apparently be used by an attacker to recover DSA
keys. And remember that OpenSSH uses OpenSSL, so it is affected too.

Should we try cherry-picking the upstream commits from the OpenSSL
development repo?

[Prev in Thread]

Current Thread

[Next in Thread]

OpenSSL CVE-2016-2177, CVE-2016-2178, Leo Famulari <=
- Re: OpenSSL CVE-2016-2177, CVE-2016-2178, Ludovic Courtès, 2016/06/12
  - Re: OpenSSL CVE-2016-2177, CVE-2016-2178, Leo Famulari, 2016/06/13
    - Re: OpenSSL CVE-2016-2177, CVE-2016-2178, Ludovic Courtès, 2016/06/14
    - Re: OpenSSL CVE-2016-2177, CVE-2016-2178, Leo Famulari, 2016/06/15

Prev by Date: Re: discussion: root password switch for next guixsd release
Next by Date: [PATCH] gnu: Add gnome-shell-extensions.
Previous by thread: higan v099
Next by thread: Re: OpenSSL CVE-2016-2177, CVE-2016-2178
Index(es):
- Date
- Thread