[indiana-discuss] OpenSSL security vulnerability
Alan Coopersmith
Alan.Coopersmith at Sun.COM
Tue Jan 13 13:18:19 PST 2009
Guido Berhoerster wrote:
> Does CVE-2008-5077 (see
> http://www.openssl.org/news/secadv_20090107.txt) apply to
> 2008.11?
>
> If yes, is anybody working on that (I couldn't find anything in
> Bugzilla or Bugster)?
Since bugster only has a flag for "is a security issue?" and doesn't
have flags to distinguish between "already public" and "must be kept
private until advisory release", bugs.opensolaris.org will not show
any security bugs.
When Sun is ready to release a Sun Alert about which OS'es may or may
not be affected by this issue (I don't see one yet), it should appear
on http://blogs.sun.com/security/
--
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
More information about the indiana-discuss
mailing list