Re: OpenSSL-0.9.6a has security fixes

From: Markus Friedl (Markus_Friedlat_private)
Date: Thu Apr 26 2001 - 00:10:14 PDT

Next message: David LeBlanc: "Re: XML scripting in IE, Outlook Express"

Previous message: v9at_private: "IRIX /usr/lib/print/netprint local root symbols exploit."
In reply to: Ariel Waissbein: "Re: OpenSSL-0.9.6a has security fixes"
Next in thread: Dan Riley: "Re: OpenSSL-0.9.6a has security fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 25, 2001 at 03:33:13PM -0300, Ariel Waissbein wrote:
> There seems to be an typo in the following post. It is RSA and not DSA.

no, it's DSA not RSA, it's not a typo.

Bleichenbacher has discovered both attacks on RSA and on DSA:

    http://www.lucent.com/press/0201/010205.bla.html


> The source, OpenSSL's webpage, has the same typo. Refer to

no.

> >   - Security fix: prevent Bleichenbacher's DSA attack.
>
> it should be Bleichenbacher's RSA attack and not DSA

just look at the code.

cheers,
-markus

Next message: David LeBlanc: "Re: XML scripting in IE, Outlook Express"
Previous message: v9at_private: "IRIX /usr/lib/print/netprint local root symbols exploit."
In reply to: Ariel Waissbein: "Re: OpenSSL-0.9.6a has security fixes"
Next in thread: Dan Riley: "Re: OpenSSL-0.9.6a has security fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 09:52:59 PDT