oss-sec mailing list archives
Re: CVE-2024-12797: OpenSSL: RFC7250 handshakes with unauthenticated servers don't abort as expected
From: sjw () gmx ch
Date: Tue, 11 Feb 2025 21:11:10 +0100
I assume a minor typo in the official advisory:
OpenSSL 3.3 users should upgrade to OpenSSL 3.3.2.
*should upgrade to OpenSSL 3.3.3. Could you fix it on https://openssl-library.org/news/secadv/20250211.txt? Thanks!
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE-2024-12797: OpenSSL: RFC7250 handshakes with unauthenticated servers don't abort as expected Tomas Mraz (Feb 11)
- Re: CVE-2024-12797: OpenSSL: RFC7250 handshakes with unauthenticated servers don't abort as expected sjw (Feb 11)