On Sun, Dec 22, 2013 at 12:25:16AM +0100, Kurt Roeckx wrote:
> But I'm also thinking about at least #732710
>
> There are also things like:
> Author: Dr. Stephen Henson <st...@openssl.org>
> Date: Mon Sep 16 05:23:44 2013 +0100
>
> Disable Dual EC DRBG.
>
> Return an error if an attempt is made to enable the Dual EC DRBG: it
> is not used by default.
>
> And there is a whole bunch of other things I want to get fixed but
> which are less important.
And then this just appeared in git too:
commit 34628967f1e65dc8f34e000f0f5518e21afbfc7b
Author: Dr. Stephen Henson <st...@openssl.org>
Date: Fri Dec 20 15:26:50 2013 +0000
Fix DTLS retransmission from previous session.
For DTLS we might need to retransmit messages from the previous session
so keep a copy of write context in DTLS retransmission buffers instead
of replacing it after sending CCS. CVE-2013-6450.
Kurt
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
