Home page logo

oss-sec logo oss-sec mailing list archives

CVE ids for CyaSSL 2.9.4?
From: Raphael Geissert <geissert () debian org>
Date: Thu, 17 Apr 2014 14:13:11 +0200


[CC'ing Ivan Fratric and one of the many @wolfssl addresses I found]

CyaSSL 2.9.4 fixes a number of security issues.

From [3]:
Issue #1 (Memory  Corruption)
Issue #2 (Out of bounds read)
Issue #3 (Dangerous Default Behavior, out of bounds read)
Issue #4 (NULL pointer dereference)
Issue #5 (Unknown Critical Certificate Extension Allowed)

Have CVE ids been assigned already? if not, could they be assigned?

Thanks in advance.


Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]