[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: exim STARTTLS fix
From: Michael Tokarev <mjt () tls ! msk ! ru>
Date: 2011-05-24 11:42:31
Message-ID: 4DDB99A7.9090108 () msgid ! tls ! msk ! ru
[Download RAW message or body]
24.05.2011 15:24, Josh Bressers wrote:
> ----- Original Message -----
>> Hi,
>>
>> while reviewing EXIM git for the last security issues, I also found the
>> STARTTLS fix:
>>
>> http://git.exim.org/exim.git/commitdiff/da80c2a8ed49427334af613c00df65ae301cacdd
>>
>> Is fixed with exim 4.76 apparently.
>>
>
> That commit suggests it's not an issue, but rather some extra paranoid
> buffer wiping. Is there a reason to believe this is a problem?
Isn't it CVE-2011-0411 attack ?
/mjt
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic