Re: Current OpenSSL vulnerability (CAN-2003-0147)

To: Timm Gleason <timm@gleason.to>
Cc: debian-security@lists.debian.org
Subject: Re: Current OpenSSL vulnerability (CAN-2003-0147)
From: leppo@arenfels.de
Date: Wed, 19 Mar 2003 09:58:12 +0100
Message-id: <[🔎] 200303190958.13027.leppo@arenfels.de>
In-reply-to: <[🔎] Pine.LNX.4.43.0303181511100.16320-100000@miranda.uranushertz.to>
References: <[🔎] Pine.LNX.4.43.0303181511100.16320-100000@miranda.uranushertz.to>

Am Mittwoch, 19. März 2003 00:15 schrieb Timm Gleason:
> I have not seen any mention of this on this list. Is the current version
> (0.9.6c-2.woody.2) vulnerable to this current RSA issue?

I've mentioned that one yesterday, too.
This raised no reaction, probably because the subject "Fwd: [ADVISORY] Timing Attack on OpenSSL" sounds much like the issue in February.
(My mail is a forward of Ben Laurie's mail on bugtraq on Monday.)

Leppo

>
> Tuesday, March 18 2003
> --                              | When a religion is good, I conceive
> Timm Gleason                    | it will support itself; and when it
> http://www.gleason.to/          | does not support itself, and God does
> http://www.uranushertz.to/      | not take care to support it so that
> Quis custodiet iposos custodes? | its professors are obliged to call
>
>                                 | for help of the civil power, 'tis a
>                                 | sign, I apprehend, of its being a bad
>                                 | one. -- Benjamin Franklin
>
> -----PGP PUBLIC KEY BLOCK AVAILABLE-----

-- 
"War isn't politics, my dear. It is indeed the only human activity that is rottener than politics."
(Rex Stout)

Reply to:

References:
- Current OpenSSL vulnerability (CAN-2003-0147)
  - From: Timm Gleason <timm@gleason.to>

Prev by Date: Re: ptrace vulnerability?
Next by Date: Re: OT: Is it so easy to break into an NIS?
Previous by thread: Current OpenSSL vulnerability (CAN-2003-0147)
Next by thread: OT: Is it so easy to break into an NIS?
Index(es):
- Date
- Thread