cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Chronological Thread
- From: Wytze van der Raay <wytze AT cacert.org>
- To: cacert-sysadm AT lists.cacert.org
- Cc: Philipp Gühring <pg AT futureware.at>
- Subject: Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
- Date: Fri, 20 Apr 2012 14:56:34 +0200
Hi Philipp,
Op 20-4-2012 12:26, Philipp Gühring schreef:
> Please also install the update on the signing system as soon as possible.
We do not have any intention to do so. Since the current installation of
the signing server in September 2009 (with Debian Lenny), *no* software
updates have been applied to it of any kind. This is fine since there is
no attack interface to it. Only when the serial communication protocol
would be discovered to contain some vulnerability, a software change/
update would be required.
Regards,
-- wytze
Attachment:
smime.p7s
Description: S/MIME cryptografische ondertekening
- URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Philipp Gühring, 04/19/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Guillaume ROMAGNY, 04/19/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Guillaume ROMAGNY, 04/19/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Wytze van der Raay, 04/20/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Wytze van der Raay, 04/20/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Philipp Gühring, 04/20/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Wytze van der Raay, 04/20/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Philipp Gühring, 04/20/2012
- Re: URGENT OpenSSL flaw Fwd: [Discuss] [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption., Guillaume ROMAGNY, 04/19/2012
Archive powered by MHonArc 2.6.16.