mailing list archives
CVE ids for CyaSSL 2.9.4?
From: Raphael Geissert <geissert () debian org>
Date: Thu, 17 Apr 2014 14:13:11 +0200
[CC'ing Ivan Fratric and one of the many @wolfssl addresses I found]
CyaSSL 2.9.4 fixes a number of security issues.
Issue #1 (Memory Corruption)
Issue #2 (Out of bounds read)
Issue #3 (Dangerous Default Behavior, out of bounds read)
Issue #4 (NULL pointer dereference)
Issue #5 (Unknown Critical Certificate Extension Allowed)
Have CVE ids been assigned already? if not, could they be assigned?
Thanks in advance.
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
- CVE ids for CyaSSL 2.9.4? Raphael Geissert (Apr 17)