Posts by mark cox

3 publicly visible posts • joined 13 May 2008

We think it's unlikely to be usefully exploitable:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2010-3864#c7

We actually had advance notice to be able to fix this issue so quickly after disclosure:

http://www.awe.com/mark/blog/20091007.html

"Another has suggested the bug resides within OpenSSL itself and dates from May 2006,"

This is not true, this issue does not affect upstream OpenSSL or any vendors that are not derived from Debian.

The Register Biting the hand that feeds IT

Topics