Secure Shell
CVS-2010-3864: OpenSSL TLS session caching buffer overun: any bearing? Nov 16 2010 11:01PM
Mark Lavi (mlavi sgi com) (1 replies)
Re: CVS-2010-3864: OpenSSL TLS session caching buffer overun: any bearing? Nov 17 2010 02:00AM
Darren Tucker (dtucker zip com au)
On 17/11/10 10:01 AM, Mark Lavi wrote:
> Does the CVE-2010-3864 vulnerability for OpenSSL:
> http://marc.info/?l=3Dopenssl-users&m=3D128992473131301&w=3D2
> ...have any bearing on OpenSSH?

No. It's in libssl which OpenSSH does not even link against.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus