[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp
From:       Dag-Erling_Smørgrav <des () des ! no>
Date:       2013-08-22 11:42:48
Message-ID: 86ppt6gddz.fsf () nine ! des ! no
[Download RAW message or body]

Huzaifa Sidhpurwala <huzaifas@redhat.com> writes:
> Dag-Erling Smørgrav <des@des.no> writes:
> > This also affects third-party software (Firefox, at the very least)
> > that incorporates FreeBSD's SCTP implementation.
> Are you sure about this?

Allow me to amend my statement: this *may* also affect third-party
software that incorporates our SCTP implementation, including Mozilla
Firefox and Google Chrome.  I can neither confirm nor deny that they are
actually vulnerable; all I can say is that a) I have it on good
authority that they use the same code (JFGI!) and b) they were notified
in advance.

DES
-- 
Dag-Erling Smørgrav - des@des.no
[prev in list] [next in list] [prev in thread] [next in thread]