[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OpenSSL CVE-2016-2177, CVE-2016-2178

From: Leo Famulari
Subject: OpenSSL CVE-2016-2177, CVE-2016-2178
Date: Sat, 11 Jun 2016 21:22:01 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

Some bugs in OpenSSL were recently disclosed.



The second bug can apparently be used by an attacker to recover DSA
keys. And remember that OpenSSH uses OpenSSL, so it is affected too.

Should we try cherry-picking the upstream commits from the OpenSSL
development repo?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]