tech-crypto archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: RSAREF2 buffer overflow?
On Tue, 14 Dec 1999, Bill Sommerfeld wrote:
> > I know this doesn't apply to those outside the US [1], but the
> > NetBSD-specific section in the recent CERT advisory regarding buffer
> > overflows in RSAREF2 says basically "we advise recompiling things to not
> > use RSAREF2." What about those of us who (for legal or other reasons)
> > don't have the option?
>
> This looks like the result of a left hand vs. right hand disconnect.
> Patches for this problem were checked into pkgsrc on december 2nd.
>
> > should I send-pr this?
>
> No, it's already fixed.. too bad it's too late to fix the advisory.
Can someone either put something up on the website to this effect,
give me the appropriate text, or point me at the person whom I
should bug.
David/absolute
Home |
Main Index |
Thread Index |
Old Index