tech-pkg archive

---

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Recent stunnel vulnerability too general

---

• To: Hauke Fath <hf%spg.tu-darmstadt.de@localhost>
• Subject: Re: Recent stunnel vulnerability too general
• From: Tobias Nygren <tnn%NetBSD.org@localhost>
• Date: 2008年7月14日 13:19:45 +0200

---

On 2008年7月14日 11:28:44 +0200
Hauke Fath <hf%spg.tu-darmstadt.de@localhost> wrote:
> audit-packages(8) has an entry for an stunnel vulnerability
> 
> stunnel<4.24 accepts-revoked-ocsp-cert \
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420
> 
> which should be restricted to v4.16 .. v4.23, since it concerns OCSP 
> functionality that e.g. wip/stunnel3 does not have.
Fixed, thanks.
-Tobias

---

• References:
  • Recent stunnel vulnerability too general
    • From: Hauke Fath

---

• Prev by Date: Recent stunnel vulnerability too general
• Next by Date: p5-* modules and DEPEND for tests
• Previous by Thread: Recent stunnel vulnerability too general
• Next by Thread: p5-* modules and DEPEND for tests
• Indexes:
  • reverse Date
  • reverse Thread
  • Old Index

Home | Main Index | Thread Index | Old Index